Commit graph

95 commits

Author SHA1 Message Date
Automerger Merge Worker
332d1ec143 Merge "umount /data/user/0 before umount /data" am: 3a0fd35b62 am: 20f9f29d53
Change-Id: I0cef7deb44c9b55d7f9adbc7022bb484086449c9
2020-03-04 05:09:52 +00:00
Hyangseok Chae
3cf3233bac umount /data/user/0 before umount /data
FDE device has shut down and restart the framework.
But restart is not triggered due to umount fail.
umount /data fail with "device is busy"
It is because bind mount /data/data to /data/user/0

We need umount /data/user/0 before umount /data

Bug: 148004718
Test: Flash GSI and check boot with FDE and FBE device.
Change-Id: I919f9e31a9d2d745b297a7ab99b399aa9b293b39
2020-03-04 02:27:50 +00:00
Automerger Merge Worker
7489ab6961 Merge changes from topics "metadata_wrapped_key_aosp", "volume_metadata" am: 36fd1ebfae am: 6891eb7e2d am: c14f46d114
Change-Id: I89f51bfaeb61c235aeccbe8a5a5a447ab14c46cb
2020-02-19 22:19:26 +00:00
Paul Crowley
249c2fb4aa Refactor: make makeGen local
No need for KeyUtil to know how to make a KeyGeneration, it's cleaner
if each module handles it separately. Also, create a CryptoOptions
structure to track metadata encryption options, and simplify legacy
cipher/option handling.

Test: Treehugger
Bug: 147814592
Change-Id: I740063882914097329ff72348d0c0855c26c7aab
2020-02-18 12:49:36 -08:00
Paul Crowley
4eac264727 Refactor key generation to handle both normal and metadata encryption.
Bug: 147733587
Test: Treehugger
Change-Id: Iee176037dec2621c84da325c2627f988fcebbc8d
Merged-In: Iee176037dec2621c84da325c2627f988fcebbc8d
2020-02-14 13:59:06 -08:00
Paul Crowley
b3d018a62c Refactor key generation to handle both normal and metadata encryption.
Bug: 147733587
Test: Treehugger
Change-Id: Iee176037dec2621c84da325c2627f988fcebbc8d
2020-02-14 13:39:19 -08:00
Paul Crowley
85d1c77ff6 Merge changes Ic3993c1f,I06645bb4 am: ac34e9aa3e am: b62afed286 am: 54d05de798
Change-Id: Ib122e011bb7be162b76b94a31885863d2aff6d1e
2020-02-14 18:57:33 +00:00
Paul Crowley
220567c33a Generalize CryptoType infrastructure
More consistency between MetadataCrypt and cryptfs, and steps towards
supporting Adiantum properly in MetadataCrypt.

Test: create private volume on Cuttlefish
Bug: 147814592
Change-Id: Ic3993c1fde11b4f5a9e6cc8ee588a7d92241c6ab
2020-02-14 00:48:27 -08:00
Paul Crowley
a661fb659b Refactor CryptoType to use better names, and size_t not uint32_t
Test: treehugger
Bug: 147814592
Change-Id: I06645bb4941794797beebf05b817c4ac52e09cd7
2020-02-13 16:40:25 -08:00
Automerger Merge Worker
50f7de29be Merge "Use DM layer directly to manage private DM volumes" am: dd12ea5bd2 am: 47aff8772d am: e3609aa837
Change-Id: I663a0ad6990acfc2cd936b52e39b346c2e48b6ed
2020-02-13 19:08:54 +00:00
Martijn Coenen
1dc4f816bd Merge "Retry deleting dm devices." 2020-02-13 18:17:42 +00:00
Martijn Coenen
26ad7b34d1 Retry deleting dm devices.
For some reason this can be racy; until we understand the root cause,
retry to unblock presubmit.

Bug: 149396179
Test: atest AdoptableHostTest no longer hangs
Change-Id: I3fb4f1d966172bac2f6c52d41c4564f905765212
2020-02-13 16:56:07 +01:00
Paul Crowley
659b63fe00 Use DM layer directly to manage private DM volumes
Abolish cryptfs_revert_ext_volume, handle in caller. This allows us to
use DeleteDeviceIfExists, avoiding a spurious error message.

Test: create private volume on Cuttlefish, eject, check logs
Bug: 147814592
Change-Id: I836d8bd11b29e32da0863aaa75144543bb9cab9c
2020-02-12 14:26:38 -08:00
Paul Crowley
3d98f5d159 Pass volume key as a KeyBuffer
Not for security, but for consistency with the way we handle other
keys, and to move the length check to where it belongs.

Test: create private volume on Cuttlefish
Bug: 147814592
Change-Id: I10fc4896183d050ce25ff174faf78f525cf62930
2020-02-12 14:26:38 -08:00
Paul Crowley
81796e9dce Use std::string to return crypto device, not char *
Bug: 147814592
Test: can create private volume on Cuttlefish
Change-Id: Ic2bca81c0f0319e1b988e9204a2f4e91af57d157
2020-02-07 11:27:49 -08:00
Paul Crowley
73be12dcd5 Refactor: make cryptfs.h smaller
Move most of it into cryptfs.cpp, and include cryptfs.h in fewer files.

Bug: 147814592
Test: Treehugger
Change-Id: Ia3592d73e7abc1f07a60538e0978a3033bdea7de
2020-02-07 11:16:12 -08:00
Tri Vo
15bbe22879 vold: use RAII wake locks
Prevents wake lock leaks, e.g. b/133175847

Bug: 133175847
Test: boot blueline
Change-Id: Icda4c81e00a61adec6a12c61c329867fef284dc5
2019-06-26 10:20:30 -07:00
Ruslan Tkhakokhov
a37c01756f Merged-In Revert "vold: use RAII wake locks"
This reverts commit 242130f3f8.

Reason for revert: breaks the build

Change-Id: Ide809a114b2a04538f3ba4ed8af934bf326e54f3
2019-06-21 10:33:30 +00:00
Tri Vo
242130f3f8 vold: use RAII wake locks
Prevents wake lock leaks, e.g. b/133175847

Bug: 133175847
Test: boot blueline
Change-Id: I62fd1c6c3abbfd35aebe11343abd717a7cf4eef7
2019-06-18 15:34:12 -07:00
David Anderson
b92247368a Replace manual dm ioctls with libdm.
This mostly 1:1 replaces manual ioctls to device-mapper with calls to
libdm. There were two exceptions:

(1) There is a very old table-load-retry loop to workaround issues with
    umount (b/7220345). This loop has been preserved, however, it now
    includes DM_DEV_CREATE as well as DM_TABLE_LOAD.
(2) There was some ancient code to set DM_DEV_GEOMETRY for obb
    dm-devices. This never did anything since geometry must be set after
    loading a table. When setting it before (as vold was doing), the
    subsequent DM_TABLE_LOAD will clear it.

Bug: 132206403
Test: FBE device boots
      FBE device w/ metadata encryption boots
      FDE device boots
      atest StorageManagerIntegrationTest
Change-Id: Ib6db6b47329f093ac7084edaf604eddace8b9ac6
2019-05-13 13:07:12 -07:00
Martijn Coenen
aec7a0a165 Stop using trigger_reset_main.
This trigger was used on FDE devices to bring down the minimal
framework, and worked by shutting down the 'main' service class.

With APEX being introduced, we want to restart all services that were
started after the tmpfs /data was mounted, as those are the services
that haven't been able to use updated APEXes in the (real) /data.

In order to do this, we need to reset more classes; that in turn
made the 'shutdown_main' trigger pretty much similar to the
previously existing 'trigger_shutdown_framework' trigger; so instead
of keeping two duplicate triggers, use only the
'trigger_shutdown_framework' one.

Bug: 118485723
Test: Taimen configured as FDE boots, Taimen configured as FBE boots
Change-Id: I0d80ef2528bd70870b063a2c580cd00a03de9961
2019-04-26 14:05:28 +02:00
xzj
7e38a3a3c8 fix data encryption fail when ENCRYPTION_FLAG_NO_UI is set
cause: data partition not being umount before real encryption
Change-Id: If5cc084c182d96c6205359b76ee0c474f6a77a2e
2019-04-19 18:07:13 +00:00
Tom Cherry
4c5bde2b92 Move over to the C++ Fstab class
Test: build and boot
Change-Id: Id3850c9c133f6644073a2439368501253a2a94a9
2019-01-31 12:34:39 -08:00
LongPing Wei
7f3ab95b8d Remove secontext.h, secontext.cpp, hash.h
cryptfs.cpp and MetadataCrypt.cpp can use android::vold::sFsckContext directly.
hash.h is unuseful.

Test: make
Change-Id: I7acdac97d6ed1c9b2a5dc367fcea8aa2942192e8
2019-01-30 16:28:02 +08:00
Eric Biggers
e1a7e77269 cryptfs: improve logging of dm-crypt device creation
Log the main configuration of the dm-crypt device -- the name, the
cipher, the keysize, the real device, and the length -- in addition to
the extra parameters which we were already logging.

(We can't simply log the actual string passed to the kernel, of course,
 because that includes the key.  So we choose the fields individually.)

Test: booted device configured to use FDE and checked the log message
Change-Id: Ia95de807c4fad68d93b7e7e73508a01e5139dc76
2019-01-25 13:42:07 -08:00
Eric Biggers
ed45ec3ae8 cryptfs: round down dm-crypt device size to crypto sector boundary
This is needed to make adoptable storage volumes work with a 4K crypto
sector size when the block device size is not a multiple of 4K.

It is fine to do this because the filesystem ends on a 4K boundary
anyway and doesn't use any partial block at the end.

Bug: 123375298
Test: booted device configured to use FDE with sector size 4k, ran
      'sm set-virtual-disk true' and formatted the virtual SD card as
      adoptable storage.  Then did the same but with a temporary patch
      that changed kSizeVirtualDisk to be misaligned
Change-Id: I95ee6d7dcaaa8989c674aea9988c09116e830b0c
2019-01-25 13:42:02 -08:00
Eric Biggers
3a2f7db477 cryptfs: check for errors in create_encrypted_random_key()
When generating the key and salt we weren't checking for an error
opening or reading from /dev/urandom.  Switch to the helper function
ReadRandomBytes() and start checking for errors.

Test: Booted device with FDE.  As a extra sanity check I also
      temporarily added log messages that dump the key and salt,
      and I verified they still appear random.
Change-Id: I01ccee4f1f9910bf9508c8f02a918157393b0e68
2019-01-18 13:26:08 -08:00
Yue Hu
9d6cc18bf1 cryptfs: Add error messages when remove dm-crypt device is failed
We do not know what happened if remove dm-crypt device is failed, so
the error status added is useful to debug failed ioctl.

Change-Id: I49be91b9087ef2a213a706dd6b2a07eb6dafe6e6
Signed-off-by: Yue Hu <zbestahu@gmail.com>
2019-01-03 14:20:27 +08:00
Greg Kaiser
ab1e84ad5f cryptfs: Allow setting dm-crypt sector size
We add the property ro.crypto.fde_sector_size to allow devices
to pass the "sector_size:<size>" argument to dm-crypt in the kernel.
We also pass "iv_large_sectors" when setting the sector size.

Using 4096-byte sectors rather than the default of 512 improves
dm-crypt performance, especially when the Adiantum encryption mode
is used.

Bug: 112010205
Test: Run on a device
Change-Id: I144ec7088a0aad3430369dc7158370d7ff3ef5d2
2018-12-11 17:22:00 -08:00
Greg Kaiser
8cb4c9ff78 cryptfs: Add Adiantum support
Adiantum is a crypto method Android is supporting for devices
which don't have AES CPU instructions.  See the paper
"Adiantum: length-preserving encryption for entry-level processors"
(https://eprint.iacr.org/2018/720.pdf) for more details.

We add Adiantum to our list of supported crypto types.

Bug: 112010205
Test: Tested on a device
Change-Id: Ic190a9b90fc8bc077fdc7d60c9d5ae8d8f555025
2018-12-11 15:41:17 -08:00
Rubin Xu
f83cc61c1f Fix signedness mismatch and integer underflow
persist_get_max_entries() is supposed to return an unsigned integer as the
maximum number of entries but it also wrongly returns "-1" as an error
condition. Also fix an issue where an unsigned subtraction in this routine
could lead to integer underflow.

Bug: 112731440
Test: manual
Change-Id: I9672e39bef2c12156dda7806a08c52044962c178
2018-12-06 14:17:48 -08:00
Paul Crowley
cfe3972f2d Wait for dm device to be ready before format
It can sometimes take a moment for the dm-device to appear after
creation, causing operations on it such as formatting to fail.
Ensure the device exists before create_crypto_blk_dev returns.

Test: adb sm set-virtual-disk true and format as adoptable.
Bug: 117586466
Change-Id: Id8f571b551f50fc759e78d917e4ac3080e926722
Merged-In: Id8f571b551f50fc759e78d917e4ac3080e926722
2018-11-05 13:59:08 -08:00
Eric Biggers
a701c458ca vold: rename from "ext4 encryption" to fscrypt
We support file-based encryption on both ext4 and f2fs now, and the
kernel API is the same.  So rename things appropriately in vold:

    e4crypt => fscrypt
    ext4enc => fscrypt
    Ext4Crypt => FsCrypt
    EXT4_* => FS_*
    ext4_encryption_key => fscrypt_key

Additionally, the common functions shared by 'vold' and 'init' are now
in libfscrypt rather than ext4_utils.  So update vold to link to
libfscrypt and include the renamed headers.

Note: there's a chance of 'fscrypt' being confused with the dm-crypt
based encryption code in vold which is called 'cryptfs'.  However,
fscrypt is the name used in the kernel for ext4/f2fs/ubifs encryption,
and it's preferable to use the same name in userspace.

Test: built, booted device with f2fs encryption
Change-Id: I2a46a49f30d9c0b73d6f6fe09e4a4904d4138ff6
2018-10-25 17:12:32 -07:00
Treehugger Robot
a3381ffc3f Merge "Add support for checkpointing" 2018-09-25 21:52:19 +00:00
Oleksiy Avramchenko
625dc787c6 Add GetBlockDevSize, GetBlockDevSectors helpers
Helpers to get a block device size in bytes or 512 byte sectors,
using BLKGETSIZE64 and returning value of uint64_t type.

This also removes get_blkdev_size().

Test: build, manual, mount exFAT volume
Bug: 80202067
Change-Id: Ib07e8ac6ef7ff49de0ed570d1fa202e8b558b80c
2018-09-24 14:25:24 +02:00
Daniel Rosenberg
65f99c9e8b Add support for checkpointing
Checkpointing uses a combination of files on the meta partition
and the checkpoint= fs_mgr flag. Checkpointed partitions will
revert to their starting state on reboot unless checkpoint commit
is called.

Test: Run vdc commands, check file on metadata
Merged-In: Icba16578608a6cbf922472e9d4ae5b8cf5f016c6
Change-Id: Icba16578608a6cbf922472e9d4ae5b8cf5f016c6
2018-09-21 21:54:11 +00:00
Paul Crowley
14c8c0765a clang-format many files.
Test: Format-only changes; treehugger suffices.
Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 15:41:22 -07:00
Greg Kaiser
b353a61292 cryptfs: Remove Speck support
Remove the Speck encryption support. It was eventually
decided not to allow Speck in Android P, so this code
is no longer needed and wasn't used outside of testing.

Note we don't just "git revert" the original commit
(38723f23ff) because we want
to retain the infrastructure for allowing new types of
crypto algorithms in the future.

Bug: 112009351
Test: Attempted to setup a device with ro.crypto.fde_algorithm set to Speck, and Speck was rejected and the system defaulted to AES.
Change-Id: I69a8b4e8632f8d30b5b54783cb986ab42d4397d9
2018-08-07 10:11:05 -07:00
Luis Hector Chavez
cf5c9907f5 resolve merge conflicts of 7bf98aa8a0 to pi-dev-plus-aosp
BUG: None
Test: I solemnly swear I tested this conflict resolution.
Change-Id: I08252155f04e8b414f2149d8b29e5e2fff6bcc82
2018-06-05 10:10:08 -07:00
Luis Hector Chavez
bbb512d019 vold: Avoid SIGSEGVs when fstab lacks /data
This change adds null-checks for all the places where cryptfs tries to
access the /data entry in fstab, to avoid crashes.

Bug: 80493321
Test: No crashes in Android-in-Chrome OS (which lacks /data in fstab)
Change-Id: Id6cdfe01cdd336cebf8afb9bdd07135811115182
Merged-In: Id6cdfe01cdd336cebf8afb9bdd07135811115182
2018-06-04 19:12:17 +00:00
Logan Chien
196d5850f2 Replace library headers with angle quotations
This commit replaces the double quotations for library headers with
angle quotations.

Test: cd system/vold && mma
Change-Id: I3c14cfcf80f29173669409df548af84c1b39b96d
Merged-In: I3c14cfcf80f29173669409df548af84c1b39b96d
2018-05-02 12:18:45 +08:00
Logan Chien
862eef7ace Reorder the include directives in cryptfs.cpp
This commit reorders the include directives in cryptfs.cpp so that
upcoming <cutils/log.h> change can be obvious.

Test: lunch aosp_walleye-userdebug && cd system/vold && mma
Change-Id: I9d2ea66c15b7b68014a67ba7c1420075953459ba
Merged-In: I9d2ea66c15b7b68014a67ba7c1420075953459ba
2018-05-02 12:18:38 +08:00
Logan Chien
188b0ab7b3 Deprecate <cutils/log.h> and <utils/Log.h>
This commit replaces <cutils/log.h> and <utils/Log.h> with <log/log.h>.

Background:
<cutils/log.h> has been moved to <log/log.h> for a while.  Both
<cutils/log.h> and <utils/Log.h> simply includes <log/log.h> for
backward compatibility.  This commit is a part of the effort to remove
<cutils/log.h> and <utils/Log.h> from the source tree eventually.

Bug: 78370064
Test: lunch aosp_walleye-userdebug && cd system/vold && mma
Change-Id: I1f9b7b132f9c35469e97556a30b521cc47e829d7
2018-05-02 12:10:19 +08:00
Logan Chien
3f2b122cd2 Replace library headers with angle quotations
This commit replaces the double quotations for library headers with
angle quotations.

Test: cd system/vold && mma
Change-Id: I3c14cfcf80f29173669409df548af84c1b39b96d
2018-05-02 12:10:16 +08:00
Logan Chien
d557d76466 Reorder the include directives in cryptfs.cpp
This commit reorders the include directives in cryptfs.cpp so that
upcoming <cutils/log.h> change can be obvious.

Test: lunch aosp_walleye-userdebug && cd system/vold && mma
Change-Id: I9d2ea66c15b7b68014a67ba7c1420075953459ba
2018-05-02 12:09:39 +08:00
Paul Crowley
385cb8c4d6 Gate use of allow_encrypt_override behind ro.crypto property
Test: use adb set-virtual-disk to create a virtual partition
Bug: 25861755
Change-Id: I6a227a083c82321c8d4d2d9188091a6f7f0451f0
2018-03-29 13:39:21 -07:00
Greg Kaiser
38723f23ff cryptfs: Optionally get crypto type as a property
Instead of hardcoding to "aes-cbc-essiv:sha256" with a 16 byte
key, we introduce a new property, "ro.crypto.fde_algorithm",
to allow the use of different crypto types.  The only other
method we currently support is "speck128-xts-plain64" with
a 32 byte key, although new crypto types are easily added.

We intentionally derive things like the crypto name and the
keysize from the given property name.  This means the code
must be changed for each new crypto type we want to support,
but that's worth it to remove the exploit vector of crypto
types with incorrect key sizes.

Due to previous refactoring CLs, this has minimal impact on
the current code other than changing what we return for
cryptfs_get_{keysize,crypto_name}.

Bug: 73079191
Test: Flashed onto a gobo device with the property set for SPECK, and confirmed via kernel debug output we were using SPECK on the device.
Change-Id: I9c9df61590344c5f62114dfbf679031b0c2ceb1f
2018-02-16 15:24:20 -08:00
Greg Kaiser
57f9af6af4 cryptfs: Require ext disk crypt to match code
Our external partitions have no crypto header/footer, so we
only get the keysize and key.  Our code has been implicitly
assuming that this keysize off of disk matches the crypto
type we have in our code (and thus matches the keysize our
code is using as well).  We now make this assumption
explicit, and check for this and no longer allow external
code to pass a keysize in to cryptfs.

Bug: 73079191
Test: Compiled and tested in combination with other CLs.
Change-Id: I1a1996187e1aaad6f103982652b1bcdfd5be33ce
2018-02-16 15:23:56 -08:00
Greg Kaiser
59ad018d0b cryptfs: Use the crypt_mnt_ftr keysize
Our code has places where we were reading in the crypt_mnt_ftr
struct from disk, but then proceeding to use a hardcoded constant
for the keysize.  We plan to allow crypto with different sized
keys in the future, so we want to just trust the keysize we get
off of disk.

While doing this, we reject any crypt_mnt_ftr we read from disk
which has a keysize in excess of MAX_KEY_LEN.  This defends us
against buffer overflows in the case of corrupt disk data.

Bug: 73079191
Test: Compiled and tested in combination with other CLs.
Change-Id: Id6f192b905960e5508833e9cd3b4668d4754dc7e
2018-02-16 15:22:43 -08:00
Greg Kaiser
00eda38635 cryptfs: Don't use bare integers for key size
Rather than use an integer and have a comment, we use a named
constant for sizing these master key buffers.  This will help
avoid confusion when we switch to allowing different sized
master keys.

Bug: 73079191
Test: Build
Change-Id: Ifaffdd94d337bb2d5a178f818dfe00f9386ae03b
2018-02-15 12:28:51 -08:00