Commit graph

6050 commits

Author SHA1 Message Date
Treehugger Robot
ca648a0217 Merge "KeyStorage: don't request rollback resistance for wrapped storage keys" 2022-08-01 23:21:50 +00:00
Eric Biggers
2d30b890d2 KeyStorage: don't request rollback resistance for wrapped storage keys
Hardware-wrapped inline encryption keys (a.k.a. "wrapped storage keys"
or "TAG_STORAGE_KEY keys") are being generated with rollback resistance
enabled, but are never deleted.  This leaks the space that KeyMint
implementations reserve for rollback-resistant keys, e.g. space in the
RPMB.  This is a problem especially for the per-boot key, as that gets
regenerated every time the device is rebooted.  After enough reboots,
KeyMint runs out of space for rollback-resistant keys.  This stops any
new or upgraded keys from being rollback-resistant, reducing security.

This bug affects all devices that use HW-wrapped inline encryption keys
for FBE (have "wrappedkey_v0" in the options for fileencryption in their
fstab), and whose KeyMint implementations support TAG_STORAGE_KEY in
combination with TAG_ROLLBACK_RESISTANCE.  But it's more of a problem on
devices that are rebooted frequently, as per the above.

Fix this bug by not requesting rollback resistance for HW-wrapped inline
encryption keys.  It was a mistake for these keys to ever be rollback-
resistant, as they are simply a stand-in for raw keys.  Secure deletion
instead has to happen higher up the stack, via the Keystore key that
encrypts these keys being deleted, or via the Keystore key and/or Weaver
slot needed to decrypt the user's synthetic password being deleted.

(It was also a mistake for HW-wrapped inline encryption keys to use
Keystore at all.  The revised design for them that I'm working on for
upstream Linux doesn't use Keystore.  But for now, Android uses Keystore
for them, and the fix is to not request rollback resistance.)

Bug: 240533602
Fixes: 3dfb094cb2 ("vold: Support Storage keys for FBE")
Change-Id: I648a1af9e16787dfcfeefa2b2f2e4a72cac2c6a6
2022-07-28 18:48:46 +00:00
Treehugger Robot
6993de77a2 Merge "Rename fuse_media.o to fuseMedia.o" am: cbdbc35ba0 am: 77e4ab8031 am: 661a02db7e am: 8fee609b88 am: 0d45e5dda8
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2150775

Change-Id: Ie2c58a14ef4cc971eebed362630a8df1baa7f781
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-22 18:01:40 +00:00
Treehugger Robot
0d45e5dda8 Merge "Rename fuse_media.o to fuseMedia.o" am: cbdbc35ba0 am: 77e4ab8031 am: 661a02db7e am: 8fee609b88
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2150775

Change-Id: Ia514970ffd7408f9b67ff1abf4283f55e42c8b35
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-22 17:44:02 +00:00
Treehugger Robot
8fee609b88 Merge "Rename fuse_media.o to fuseMedia.o" am: cbdbc35ba0 am: 77e4ab8031 am: 661a02db7e
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2150775

Change-Id: I0a31d37f002e990703d6c8a5842f0b98f76ee932
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-22 17:30:04 +00:00
Treehugger Robot
661a02db7e Merge "Rename fuse_media.o to fuseMedia.o" am: cbdbc35ba0 am: 77e4ab8031
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2150775

Change-Id: I771416da3f4f0d69e93718950c5ed05a50b01962
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-22 17:13:32 +00:00
Treehugger Robot
77e4ab8031 Merge "Rename fuse_media.o to fuseMedia.o" am: cbdbc35ba0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2150775

Change-Id: If343000a8dd36de4584057eb4ac026e50a9ce538
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-22 16:45:56 +00:00
Treehugger Robot
cbdbc35ba0 Merge "Rename fuse_media.o to fuseMedia.o" 2022-07-22 16:33:09 +00:00
Daeho Jeong
9213497628 Merge "Introduce target dirty segment ratio tunable parameter" am: c3a7391c94 am: 69754352bb am: 440ac72644 am: 7e97e98b67 am: 2f60d5439f
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2135595

Change-Id: I807adc0cbe45da270ae6fcd85fe47e25f6717399
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-14 16:20:59 +00:00
Daeho Jeong
2f60d5439f Merge "Introduce target dirty segment ratio tunable parameter" am: c3a7391c94 am: 69754352bb am: 440ac72644 am: 7e97e98b67
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2135595

Change-Id: I7e00e273e5b800494248d5ddb26cf8c9dce10730
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-14 16:01:12 +00:00
Daeho Jeong
7e97e98b67 Merge "Introduce target dirty segment ratio tunable parameter" am: c3a7391c94 am: 69754352bb am: 440ac72644
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2135595

Change-Id: If7b492b2eb2db7d1f56601f63973780d92f92e38
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-14 15:44:10 +00:00
Daeho Jeong
440ac72644 Merge "Introduce target dirty segment ratio tunable parameter" am: c3a7391c94 am: 69754352bb
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2135595

Change-Id: I17c1ede37755ec5b149827cd33ca3332c867c565
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-14 15:28:48 +00:00
Daeho Jeong
69754352bb Merge "Introduce target dirty segment ratio tunable parameter" am: c3a7391c94
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2135595

Change-Id: I42b8baffdfe9bea0d66d310952aa4c8403c36ad3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-14 15:13:20 +00:00
Daeho Jeong
c3a7391c94 Merge "Introduce target dirty segment ratio tunable parameter" 2022-07-14 14:56:13 +00:00
Ken Chen
0093f6ae04 Rename fuse_media.o to fuseMedia.o
Underscore character may cause bpf prog/map naming collision. For
example, x.o with map y_z and x_y.o with map z both result in x_y_z
prog/map name, which should be prevented during compile-time.

aosp/2147825 will prohibit underscore character in bpf source name
(source name derives the obj name). Existing bpf modules with underscore
characters in source name need to be updated accordingly.

Bug: 236706995
Test: build
Change-Id: Ie6ea47560b1d44de0a0d9d124e17616fee6b0922
2022-07-12 05:38:39 +00:00
Daeho Jeong
fce1d54cc2 Merge "Make minimum gc sleep time tunnable" am: a5d927ba6a am: fc5cdcf04a am: 861b6f454d am: 2c4fabe16e am: d71c649e27
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132536

Change-Id: Ia970faaeebb7b2b9b26d3a4d335eed2efe5a7d0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-07 20:16:40 +00:00
Daeho Jeong
d71c649e27 Merge "Make minimum gc sleep time tunnable" am: a5d927ba6a am: fc5cdcf04a am: 861b6f454d am: 2c4fabe16e
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132536

Change-Id: Ice77ce4c208916b58898625ce750778421f42550
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-07 20:00:39 +00:00
Daeho Jeong
2c4fabe16e Merge "Make minimum gc sleep time tunnable" am: a5d927ba6a am: fc5cdcf04a am: 861b6f454d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132536

Change-Id: I0441fe849a864bc45c2c07a10480f6ed0841dca4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-07 19:36:34 +00:00
Daeho Jeong
861b6f454d Merge "Make minimum gc sleep time tunnable" am: a5d927ba6a am: fc5cdcf04a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132536

Change-Id: I8f5c730caaf8b7f8350a522c001a0a21e99ba8ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-07 19:18:48 +00:00
Daeho Jeong
fc5cdcf04a Merge "Make minimum gc sleep time tunnable" am: a5d927ba6a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132536

Change-Id: I3fc545927eeed476f75e5a72b373d5f6e4a92829
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-07 19:01:06 +00:00
Daeho Jeong
a5d927ba6a Merge "Make minimum gc sleep time tunnable" 2022-07-07 18:39:46 +00:00
Daeho Jeong
37cf9d79ab Introduce target dirty segment ratio tunable parameter
We introduce a new parameter of target dirty segment ratio,
which can be used to set a target dirty / (dirty + free) segments
ratio. For example, if we set this as 80%, GC sleep time will be
calculated to achieve this ratio in a GC period.

Test: check smart idle maint log of StorageManagerService
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Change-Id: I73f2bcf4bdb810164c174bd0d2518b15d577d5d5
2022-07-04 21:23:46 +00:00
Xin Li
05a01a1166 [automerger skipped] Merge "Merge tm-dev-plus-aosp-without-vendor@8763363" into stage-aosp-master am: f0521e8b09 -s ours am: 7a8cec1250 -s ours am: 66fd19132e -s ours am: c7cafff525 -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: Idf60132546f5dd007536da836c8034b5e111fb2f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-30 01:10:07 +00:00
Xin Li
9f21a863be [automerger skipped] Merge tm-dev-plus-aosp-without-vendor@8763363 am: b730112c98 -s ours am: 9ec575c7aa -s ours am: dc2318e64e -s ours am: 2e307b04f5 -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: I21e0d9fa9939f36f0001851c87011af22eb24a3e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-30 01:04:59 +00:00
Xin Li
c7cafff525 [automerger skipped] Merge "Merge tm-dev-plus-aosp-without-vendor@8763363" into stage-aosp-master am: f0521e8b09 -s ours am: 7a8cec1250 -s ours am: 66fd19132e -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: I4d70f362bf9063dafdf7e92431bacf5b25c332ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-30 00:07:32 +00:00
Xin Li
2e307b04f5 [automerger skipped] Merge tm-dev-plus-aosp-without-vendor@8763363 am: b730112c98 -s ours am: 9ec575c7aa -s ours am: dc2318e64e -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: I0a95e02432a9ceb10b5b60e121e3ecad3c6638df
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-30 00:02:25 +00:00
Xin Li
66fd19132e [automerger skipped] Merge "Merge tm-dev-plus-aosp-without-vendor@8763363" into stage-aosp-master am: f0521e8b09 -s ours am: 7a8cec1250 -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: I045afc2977508a74238685f5714cd4ee75965a55
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 23:01:49 +00:00
Xin Li
dc2318e64e [automerger skipped] Merge tm-dev-plus-aosp-without-vendor@8763363 am: b730112c98 -s ours am: 9ec575c7aa -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: Id4a47070667562cf5edd809bad7d4e4bdddaa201
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 22:56:42 +00:00
Xin Li
7a8cec1250 [automerger skipped] Merge "Merge tm-dev-plus-aosp-without-vendor@8763363" into stage-aosp-master am: f0521e8b09 -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: I1f76d98e3ebc21118b472e6cb049080a8b774221
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 22:18:17 +00:00
Xin Li
9ec575c7aa [automerger skipped] Merge tm-dev-plus-aosp-without-vendor@8763363 am: b730112c98 -s ours
am skip reason: Merged-In Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be with SHA-1 d96b2ac076 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/19093702

Change-Id: Idb5861b570ce701ea4595397d14c5fab0ba0d28d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 22:13:11 +00:00
Xin Li
f0521e8b09 Merge "Merge tm-dev-plus-aosp-without-vendor@8763363" into stage-aosp-master 2022-06-29 21:22:02 +00:00
Treehugger Robot
c571545913 Merge "Convert vold to new BootControl client" am: 6083e0196b am: de2d1b6cc7 am: 25ff2c3c9c am: 2a30e7cd1d am: 03c98c20b5
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132797

Change-Id: Id4027eefb2a9413c9ee119664b4c9e52b75aa6de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 20:12:29 +00:00
Treehugger Robot
03c98c20b5 Merge "Convert vold to new BootControl client" am: 6083e0196b am: de2d1b6cc7 am: 25ff2c3c9c am: 2a30e7cd1d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132797

Change-Id: I6eddb1993df9a051888929d0ce6ae6d6854a461a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 19:55:14 +00:00
Treehugger Robot
2a30e7cd1d Merge "Convert vold to new BootControl client" am: 6083e0196b am: de2d1b6cc7 am: 25ff2c3c9c
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132797

Change-Id: I26359384aac7413b651ce48878b97e3da97b896d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 19:31:34 +00:00
Treehugger Robot
25ff2c3c9c Merge "Convert vold to new BootControl client" am: 6083e0196b am: de2d1b6cc7
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132797

Change-Id: I246836f0bff37c1dbcf6925409fc5b2def4f2689
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 18:57:27 +00:00
Treehugger Robot
de2d1b6cc7 Merge "Convert vold to new BootControl client" am: 6083e0196b
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2132797

Change-Id: I97d3bcacc85ba0295ccadd216a3db8cabf0cc3a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-29 18:38:33 +00:00
Treehugger Robot
6083e0196b Merge "Convert vold to new BootControl client" 2022-06-29 18:03:39 +00:00
Xin Li
b730112c98 Merge tm-dev-plus-aosp-without-vendor@8763363
Bug: 236760014
Merged-In: Ieb371b7fdebfe938206a45547bb24dfbf2c2e7be
Change-Id: I521a37a205961186baeeebc82668055fe19c2091
2022-06-27 23:40:18 +00:00
Daeho Jeong
3fd33ece35 Make minimum gc sleep time tunnable
Test: check smart idle maint log of StorageManagerService
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Change-Id: I5a70e4ec2ca895551b6446a9dfd4bb5003a3fbd0
2022-06-23 16:20:45 -07:00
Kelvin Zhang
dec03ab380 Convert vold to new BootControl client
Test: th
Bug: 227536004
Change-Id: Ia2f8b51d6d3175999b2434454f0ee4e14bde934e
2022-06-22 15:14:55 -07:00
Eric Biggers
2cad00ad2e Merge "Rename fscrypt_is_native() to IsFbeEnabled()" am: d99898496f am: e51736136a am: 9d2e149521 am: ba25d3a31b am: fb8e45d1bf
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2128492

Change-Id: I4bb413fb3445fdc7a811dac13cd082fa40e219ee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-22 20:10:21 +00:00
Eric Biggers
fb8e45d1bf Merge "Rename fscrypt_is_native() to IsFbeEnabled()" am: d99898496f am: e51736136a am: 9d2e149521 am: ba25d3a31b
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2128492

Change-Id: I01ce0fc7845aaf293535b2a12b71cd383b23c74d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-22 19:52:04 +00:00
Eric Biggers
ba25d3a31b Merge "Rename fscrypt_is_native() to IsFbeEnabled()" am: d99898496f am: e51736136a am: 9d2e149521
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2128492

Change-Id: I29768034feababeb54ec8aa9357f31a6701b74a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-22 19:34:31 +00:00
Eric Biggers
9d2e149521 Merge "Rename fscrypt_is_native() to IsFbeEnabled()" am: d99898496f am: e51736136a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2128492

Change-Id: Ic0ef4032bd5596c53f3c7c148928208f62b29300
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-22 19:07:49 +00:00
Eric Biggers
e51736136a Merge "Rename fscrypt_is_native() to IsFbeEnabled()" am: d99898496f
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2128492

Change-Id: I9d329a1da16d949f0f73d69dd943547a3f849fcb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-22 18:47:33 +00:00
Eric Biggers
d99898496f Merge "Rename fscrypt_is_native() to IsFbeEnabled()" 2022-06-22 18:24:38 +00:00
Automerger Merge Worker
7bafb630ad Merge "Use sysfs control for storage device GC am: d96b2ac076 am: 7f6de29a04" into tm-d1-dev-plus-aosp am: 0b378ca4dc am: b6622cefc8
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/18972074

Change-Id: I05ec08c560bd6ad5b49af885fc6f79cf77f844b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-21 22:36:21 +00:00
Daeho Jeong
a8dea376e9 Use sysfs control for storage device GC am: d96b2ac076 am: 1403a82079 am: e5d7108512 am: 182a3efc8a
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/18972074

Change-Id: I0107049bbf4bcf7899fbb9bcfd308767d0924ba0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-21 22:36:05 +00:00
Daeho Jeong
de5958160d Use sysfs control for storage device GC am: d96b2ac076 am: 1403a82079 am: ff23bb4b4f am: 88565ae67e
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/18972074

Change-Id: Ibabf51c2c3cf9c456d4e010d9a06cfd81784809c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-21 22:34:41 +00:00
Automerger Merge Worker
b6622cefc8 Merge "Use sysfs control for storage device GC am: d96b2ac076 am: 7f6de29a04" into tm-d1-dev-plus-aosp am: 0b378ca4dc
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/18972074

Change-Id: Ifc8ca694e581a68f2703211ccf8ce17286b3b70b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-21 22:16:28 +00:00