In order to prevent rainbow table attacks on decrypting the master key,
create a 16 byte "salt" by reading /dev/urandom. This is done right after
reading urandom to get the master key for the filesystem. The salt is
stored 32 bytes after the end of the key (a padding added to help prevent
accidental overwriting of the salt) and the salt is fixed at 16 bytes long.
This change will make existing encrypted filesystems unusable.
Change-Id: I420549d064c61d38aea78eef4d86c88acb265ca3
Maintain and query some internal state to know if it's OK to run
the various cryptfs commands. Do not allow enablecrypto to run if
the device is already encrypted. Do no allow restart to run if
we have already run it before or if the password has not been
validated. Do not allow checkpw to run if not encrypted, or it
has already validated the password.
This is an extra layer of safety on top of the checks up in the
UI code agains possible DoS attacks on the device.
Change-Id: I9afc8d42773020e82a512e6b637feede101d1362
Also, change the value that triggers the progress bar framework from
"startup" to "0" in the property vold.encrypt_progress.
Change-Id: I3890e66a95283ce2ceeca82f516859b083919b9e
Update the enable inplace API to allow the UI to show a progress bar.
Add new command changepw (whichis currently not working)
Internal restructuring of code to support these two features.
Some minor cleanup of the code as well.
Change-Id: I11461fc9ce66965bea6cd0b6bb2ff48bcf607b97
In order to make the animations and the UI look right, we need to change
the cryptfs checkpw command to return a status if the password was
correct or not, and not have it automatically restart if it's correct.
There is a new command restart that will restart the framework with the
encrypted filesystem.
Change-Id: Ia8ae00d7ed8667699aa58d05ad8ba953cca9316e
Now that the framework shuts down quickly, remove the 30
second sleep when enabling crypto. Also, stop spewing
the secret master key to the disk in the system log!
Change-Id: Icb3f9456ababe3dff8de52cbbae92da0e9e5dd2f
There are still a few hacks and performance issues related
to shutting down the framework in this code, but it is
functional and tested. Without the UI changes, it requires
cryptic adb shell commands to enable, which I shall not
utter here.
Change-Id: I0b8f90afd707e17fbdb0373d156236946633cf8b
* commit '1206e872ce74aab253c39c3547bfaadc5e1f6011':
vold: fix an offset one bug that makes partition 4 unusable
vold: set state back to idle on formatting error
On formatting error due to some reasons, the state is left at
Formatting, therefore the user is unable to mount the sdcard
again. The patch sets the state to Idle no matter formatting
error or not.
Change-Id: I62c78eb8299cc397ee5cc442890f8b3dbf09425c
Improves UI responsiveness when copying large amount of data to the device.
BUG: 3131847
Change-Id: I4aa5ade7e2cd7e5110c8f0f7ee43bdc57577e11d
Signed-off-by: Mike Lockwood <lockwood@google.com>
ENOENT is more descriptive than the generic error that EINVAL gets
turned into. Then we can actually treat it how we want on the other
side.
Change-Id: I9b4f3be6308e13f680eae368d2167ab9ee6aae5f
Merge commit 'cbacf78eff70bd43bb899e164ec2ab409bc0904c' into gingerbread-plus-aosp
* commit 'cbacf78eff70bd43bb899e164ec2ab409bc0904c':
Track type of container mounted
OBB and ASEC are tracked in the same active container list, but when it
comes time to unmount everything, it was trying to unmount the OBBs
according to ASEC rules. This led to the OBB not being unmounted and the
volume unmount failing.
Change-Id: I12c1d4d387b8022185d552b63edd61a50b9c0fc3
Merge commit 'a4886f1f8ed72e24a302a91a0ab18bc54b6f585e' into gingerbread-plus-aosp
* commit 'a4886f1f8ed72e24a302a91a0ab18bc54b6f585e':
More fixes for internal FAT partitions:
Fix formatting partitions beyond the first partition.
Do not try to initialize the MBR when formatting only a single partition.
Change-Id: Ifbbd279b1c288b7b1b884a1a89248e3086ed735f
Signed-off-by: Mike Lockwood <lockwood@android.com>
Merge commit '1b15d463d4816fc084767cbeda3ee69ff5527545' into gingerbread-plus-aosp
* commit '1b15d463d4816fc084767cbeda3ee69ff5527545':
Add some missing closes on error conditions.
Only share a single partition via UMS if a specific partition
is specified in vold.fstab (rather than "auto")
Do not fail to reformat if MBR cannot be found.
Change-Id: I544ca2ee325c308af656ab9f4732c788a964c156
Signed-off-by: Mike Lockwood <lockwood@android.com>
This allows us to place shared libraries in these containers which may
only be loaded if they are executable.
Change-Id: I78fa9ab6d5c58ec8b98c40004da72aebc0aade2a
Merge commit '75a3e1a95af0a2790de1b12aeca0008bfdc61649' into gingerbread-plus-aosp
* commit '75a3e1a95af0a2790de1b12aeca0008bfdc61649':
VOLD - make volume daemon to handle state change from shared to no_media
When volume state changed from shared to no_media,
volume is not properly unshared.
Change-Id: I0117d67da95440d982275746a166ef6f4ac1c0e2
Signed-off-by: Ethan <ethan.too@gmail.com>
Merge commit 'd766090b7a72562be9e64700e13882663004650e' into gingerbread-plus-aosp
* commit 'd766090b7a72562be9e64700e13882663004650e':
Avoid array overrun. We can now mount the /sdcard partition on our boot sdcards
LOOP_GET_STATUS64 isn't useful here since the data contained within
isn't actually checked, so stick with the regular LOOP_GET_STATUS here
to match the struct loop_info we're using.
Change-Id: I4f9ff06fa44d4ae3aed046d423054554f9cf450b
* Rename all functions dealing with OBB files to mention Obb
* Add 'path' and 'list' functionality to OBB commands
* Store hashed filename in loop's lo_crypt_name and keep lo_file_name
for the real source filename. That way we can recover it later with an
ioctl call.
Change-Id: I29e468265988bfb931d981532d86d7be7b3adfc8
