- Use FSCRYPT_MAX_KEY_SIZE from <linux/fscrypt.h> instead of manually
defining FS_AES_256_XTS_KEY_SIZE. These have the same numeric value
(64), but the former is supposed to be used, and AES-256-XTS isn't
necessarily the encryption algorithm that is being used anyway.
- Use the new name FSCRYPT_KEY_DESCRIPTOR_SIZE instead of the old name
FS_KEY_DESCRIPTOR_SIZE. These have the same numeric value (8).
- Don't try to handle sizeof(fscrypt_key::raw) > FSCRYPT_MAX_KEY_SIZE,
as this simply isn't the case.
- Set fscrypt_key::mode to 0 rather than FS_ENCRYPTION_MODE_AES_256_XTS.
This field has always been ignored by the kernel, and AES-256-XTS
isn't necessarily the encryption algorithm that is being used anyway.
- Initialize the fields of fscrypt_key in order.
This is a cleanup only.
Test: booted hikey with fileencryption=aes-256-xts and a kernel that
doesn't support the new fscrypt ioctls.
Bug: none
Change-Id: Ie2a7e9240aa479dfab2765c11db8a7124d20c643
If vold's view of /storage is FUSE, it means that creation of
directories in Android/ will go through FUSE as well. The implementation
of fs_mkdirs() tries to opendir() individual parts of the entire path;
so for a path "/storage/emulated/0/Android", it will try to opendir()
"/storage", "/storage/emulated", etc.
By default, "/storage/emulated" is created with 711 permissions; while
vold itself is root, access to /storage/emulated is routed through
MediaProvider (because of FUSE), and MediaProvider doesn't run as root,
nor does it have the capabilities to bypass the ACL. This means that
fs_mkdirs() as it is will fail, because opendir("/storage/emulated")
will fail from MediaProvider.
To prevent this, route these accesses directly to the lower filesystem
(currently, sdcardfs), by renaming the paths.
Bug: 146189163
Test: atest AdoptableHostTest
Change-Id: Idbb41b9ffad9713f3b255c51bd4de16f4d090223
aosp/1184798 has updated the kernel headers to 5.4, so we no longer need
the file fscrypt_uapi.h. In KeyUtil.cpp we also now don't need
<linux/fs.h>, but rather just the more specific <linux/fscrypt.h>.
Test: build
Bug: None
Change-Id: I56d17826eb7c3b95c74ce0435a4feae7f3cc325e
Now that StorageManager asks vold to create package directories again,
apps only need write access in their own app-private directory. Both
app-private and OBB dirs will be created by privileged daemons as
needed.
This means we can use the "default" sdcardfs view for the Android/
bind-mount again. This has the added benefit that it fixes shell, which
wasn't in the "everybody" group, and therefore suddenly couldn't enter
/sdcard/Android anymore.
Bug: 146189163
Test: atest AdoptableHostTest
Change-Id: I37ca3b19ea4d11ed866efa808f51be945a4dc080
With the newly added flag for Settings developer options, which is now
used to change the state of FUSE, PROP_FUSE now acts as the snapshot
feature flag for the current boot.
Bug: 145391093
Test: atest AdoptableHostTest
Change-Id: I22363b088e88c764294cbd61c6d94160c907fae3
* changes:
Use a regular set for started users.
When unmounting, only kill user-specific paths.
Bind mount Android/ directory in FUSE.
Use sdcardfs for pass-through mounts.
We want started users to be an ordered set; eg user 0 should always go
first. This is because volumes for users other than 0 depend on user 0
coming up first, because the volume for user 0 is the one mounting
sdcardfs.
Bug: 13789012
Test: atest AdoptableHostTest
Change-Id: Ic9119f0a24bd261e5362019836ac240b90c681c0
The path for emulated volumes is set to /storage/emulated,
not /storage/emulated/<userid> . When unmounting, we only
want to kill process with a reference to /<userid>; this prevents
killing processed needlessly.
Bug: 137890172
Test: atest AdoptableHostTest
Change-Id: I70e36e87077e87db9b3c7e07dc0e481ba06c2c14
For apps seeing the FUSE filesystem, we want to bind-mount the Android/
directory to the lower filesystem. The main reason for this is game
performance - Android/ contains both OBBs and app-private external data,
and both are heavily accessed during game startup. This is a pretty
straightforward bind-mount on top of /mnt/user.
Bug: 137890172
Test: Running the following:
df /storge/emulated/0 ==> /dev/fuse (FUSE)
df /storage/emulated/0/Android ==> /data/media (sdcardfs)
Test: atest AdoptableHostTest
Change-Id: Ic17a5751b5a94846ee565ff935644a078044ab06
The pass-through mount is used by MediaProvider to access external
storage. Previously, it was the raw filesystem (eg ext4/f2fs); the
problem with that is that the permissions on that filesystem don't allow
MediaProvider to access all the files it needs to - in particular
directories under Android/
To solve this problem, we can have the pass-through mount sit on top of
sdcardfs instead of the raw filesystem. This means we need to mount
sdcardfs even in case we're using FUSE, but we already needed to do this
anyway for other performance reasons.
Bug: 135341433
Test: atest AdoptableHostTest
Change-Id: I893d5e5076c5096d2d55212f643c9a857242e964
In case of userspace reboot, this function will be called again to
remount userdata into checkpoint mode.
Test: adb shell setprop sys.init.userdata_remount.force_umount_f2fs 1
Test: adb shell /system/bin/vdc checkpoint startCheckpoint 1
Test: adb reboot userspace
Test: adb shell dumpsys activity
Bug: 135984674
Bug: 143970043
Change-Id: I300b1960a6c4e95b13c43d806c4f3a9e4a612ac4
Long before scoped storage, FUSE was used to create several views of the
filesystem; this was later replaced by sdcardfs, yet the code still
references FUSE in variables and log messages. Fix those up to avoid
confusion with the "new FUSE".
Bug: 135341433
Test: atest AdoptableHostTest
Change-Id: I2966c5f95d6f38df36a20cdfdd0b95b3051f3f1e
LOG() can hang, because another vold thread may have been holding
a libc lock at the time we forked. Simply moving the log line to
before the fork().
Bug: 135341433
Test: atest AdoptableHostTest
Change-Id: I6063eb33f35c835a226bc1e56de97ace426747ff
This creates apexrollback directories under /data/misc_[de|ce]/<user>
which will hold snapshots of DE_n and CE_n apex data directories
(i.e. it will hold backups of data from /data/misc_[de|ce]/<user>/apexdata
for particular apexes).
See go/apex-data-directories for details.
Bug: 141148175
Test: Built and flashed, checked directory was created.
Change-Id: I468060b20dee0c50033b5f014ce8716582d5e6bc
It will be used during the userspace reboot to unmount all emulated
storages, which is a prerequisite to unmount+remount ext4 userdata into
checkpoint mode.
Test: adb shell /system/bin/vdc checkpoint startCheckpoint 1
Test: adb reboot userspace
Bug: 143970043
Bug: 135984674
Change-Id: I07491bc4be2f30debe21b764766c9def68548e16
