A new interface, F2FS_IOC_SEC_TRIM_FILE, has been added to F2FS
filesystem to send secure discard command to a specific file,
not to block device. We can use this interface for better discard
command handling on a file basis.
[how to use F2FS_IOC_SEC_TRIM_FILE]
start: start offset in byte (should be aligned with 4096)
len: length in byte (should be aligned with 4096, except designating EOF)
-1 also means till EOF.
flags: F2FS_TRIM_FILE_DISCARD - sending secure discard command. If the
device doesn't support it, send normal
discard.
F2FS_TRIM_FILE_ZEROOUT - overwrite zero data in the file.
Bug: 140759142
Test: execute "secdiscard -- <file_path>" and check the content of file
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Change-Id: I6ee44a047d291274c9d70ae5e4ccccfc06a52f89
The name "pre_gki_level" is causing some confusion because not all
devices launching with Android R are subject to the GKI requirement.
(See b/161563110#comment11.) E.g., devices that use a 4.14-based kernel
are exempt from GKI. However, the encryption requirements still apply.
Just use __ANDROID_API_Q__ directly instead.
No change in behavior.
Change-Id: Id02ae1140845ac1ae7cf78be4e57fe34da028abf
Block groups with EXT4_BG_BLOCK_UNINIT still have backup superblocks
(and backup block group descriptors). Fix EncryptInPlace to encrypt
these backup superblocks rather than leave them unencrypted.
Previously leaving the backup superblocks unencrypted didn't cause any
problems, but due to system/core commit 72abd7b246f7 ("Try to recover
corrupted ext4 /data with backup superblock") it is causing problems.
Bug: 162479411
Bug: 161871210
Change-Id: Ic090bf4e88193b289b04c5254ddf661ef40b037e
Regression introduced by
commit 7ebcc2bcfd
("Revert "[Vold] Conditional dependency to ARC++ ObbVolume"")
errantly removed the product_variables support for
-D__ANDROID_DEBUGGABLE__ when built for userdebug builds.
Restore stanza.
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 161454607
Test: adb-remount-test no longer reports a problem
Change-Id: Ia7e55d1174fa7fac2d934d4aac06d15e8be388af
Now that Bionic's copy of <linux/fscrypt.h> has been updated, there's no
need for vold to carry its own fscrypt_uapi.h.
Test: build
Change-Id: I61581ac74f7cf77bc8a835e64d96553a9d0c517a
Use C++'s built-in mechanism for one-time initialization rather than
implement it ourselves in a way that isn't thread-safe.
(It doesn't *actually* need to be thread-safe, since all callers of this
run under ACQUIRE_CRYPT_LOCK. But that's not easy to verify.)
Test: booted Cuttlefish and checked log for the one-time message
"Detected support for FS_IOC_ADD_ENCRYPTION_KEY"
Change-Id: I6ca5b143ca305fa95144e388efc9657e3507bf05
This reverts commit aedae617fe.
Reason for revert: ArcObbVolume is not needed by ARCVM R and above.
Bug: 157885448
Test: trybot
Change-Id: I16395ac8b6902cedea263f51e306b297d719043f
The emmc_optimized encryption flag is specifically designed for the
limitations of inline encryption hardware that follows the eMMC
standard. It isn't appropriate to use on other types of storage.
So, make vold enforce that it's not used on other types of storage.
Bug: 160639344
Test:
- Enabled emmc_optimized on Cuttlefish and verified it no longer boots
- Using a modified version of this change, verified that
IsEmmcStorage() works as expected on various devices including
Cuttlefish, Cuttlefish booted in GSI image mode, a device with eMMC
storage, and a device with UFS storage.
- Verified that VtsKernelEncryptionTest still passes
Change-Id: Ie27b80658db53b1a4207b3cbb4e309d05130812e
This is needed so "adb remount" can avoid writing to /data during a
checkpoint.
Bug: 157540389
Test: manual test
Change-Id: I33a691da3b99343acfc1e8ddf68a14504c3bfbe1
Bug: 152150018
Test: Cuttlefish with and without keydirectory option
Cherry-Picked-From: 94abae03a9
Merged-In: I400873ec207cb63f0407fefc83962bb3a927e294
Change-Id: I400873ec207cb63f0407fefc83962bb3a927e294
When the vold core decides if a device is SD or USB, it checks for MMC
or virtio, however when the filesystem type is decided, it does not
check for virtio, only MMC. This causes virtio SD cards to be formatted
with ext4 unconditionally.
This fix is independently correct, but it incidentally gets adopted
storage working on cuttlefish (and Android Emulator) because f2fs can
support fscrypt and casefolding at the same time; ext4 currently cannot.
Bug: 156286088
Change-Id: I0b41670d5f76b2506dad437917c2276f8e0aaccf
Merged-In: I0b41670d5f76b2506dad437917c2276f8e0aaccf
The Android Emulator isn't the only virtual device the virtio-block
detection code is useful for, and those platforms might not set any
discriminating properties to indicate that they are virtual.
Rework the virtio-block major detection to use /proc/devices instead
of hardcoding the assumption that any virtual platform can have
virtio-block at any experimental major; the new code permits only the
exact experimental major assigned to virtio-block.
The new code runs everywhere, but it will only run once and could be
expanded later to detect dynamic or experimental majors.
Bug: 156286088
Change-Id: Ieae805d08fddd0124a397636f04d99194a9ef7e5
Merged-In: Ieae805d08fddd0124a397636f04d99194a9ef7e5
This reverts commit dcbd4fcad2.
Reason for revert: ARC is migrating to ARCVM on R, which doesn't use AppFuse any more.
Change-Id: Ifd0bf92a79c0ff25d782bea44dd593f9502f1959
fs_mgr supports 'nofail' flag, which is used if we do not want to
error-out incase the mounting/setup fails for a partition tagged with
nofail flag in fstab.
Recently added code in vold misses this handling, i.e. it aborts even
for a nofail partition upon encountering an expected failure.
Test: Add a non-existing logical partition fstab entry with 'nofail'
flag. Init's first stage mount acks this and doesn't crash.
Vold aborts (as it doesn't handle it), and device doesn't boot.
With this change, device boots up.
Change-Id: I2b1904a9c648c31bcc05b2e7e77480db236ff66e
