Commit graph

3460 commits

Author SHA1 Message Date
TreeHugger Robot
eab67ccac9 Merge "Retry deleting dm devices." 2020-02-18 13:59:56 +00:00
Ricky Wai
e50ddb786a Fix vold cannot create obb directory
Test: setupAppDir works now
Change-Id: I4bc67ecb57c30b1d0728580abc738e91f97de722
2020-02-18 11:42:32 +00:00
Paul Crowley
e3f78f4843 resolve merge conflicts of bdd9fbf9db to master
Bug: None
Test: Treehugger
Change-Id: I17a300687bc7f56feb79b820b7196b2a9124c5f4
2020-02-16 07:37:18 -08:00
Paul Crowley
bdd9fbf9db Merge "Refactor key generation to handle both normal and metadata encryption." am: 8e0780cba2 am: 79b853551d
Change-Id: I644d55df9c5a5441ead5b6790efff159b292c957
2020-02-15 02:13:22 +00:00
Paul Crowley
79b853551d Merge "Refactor key generation to handle both normal and metadata encryption." am: 8e0780cba2
Change-Id: I59510b64f6803f5e76fefa359abfcc9207420126
2020-02-15 02:03:19 +00:00
Paul Crowley
8e0780cba2 Merge "Refactor key generation to handle both normal and metadata encryption." 2020-02-15 01:40:26 +00:00
Ricky Wai
9eb4367165 Retry deleting dm devices.
For some reason this can be racy; until we understand the root cause,
retry to unblock AdoptableHostTest.

Bug: 149396179
Test: atest AdoptableHostTest no longer hangs
Change-Id: I162ff8ad305535e7a4fab3d88f38b687b50cf4a3
2020-02-15 01:15:42 +00:00
Paul Crowley
4eac264727 Refactor key generation to handle both normal and metadata encryption.
Bug: 147733587
Test: Treehugger
Change-Id: Iee176037dec2621c84da325c2627f988fcebbc8d
Merged-In: Iee176037dec2621c84da325c2627f988fcebbc8d
2020-02-14 13:59:06 -08:00
Paul Crowley
b3d018a62c Refactor key generation to handle both normal and metadata encryption.
Bug: 147733587
Test: Treehugger
Change-Id: Iee176037dec2621c84da325c2627f988fcebbc8d
2020-02-14 13:39:19 -08:00
Paul Crowley
96cbfe4cab Merge "Refactor MetadataCrypt.cpp to make create_crypto_blk_dev more general" am: 7566e467ab am: b272b21a0a am: 41bac014cf
Change-Id: Id9e2e9b5b9f720635218d16b2d5a65780dea1974
2020-02-14 21:35:09 +00:00
Paul Crowley
41bac014cf Merge "Refactor MetadataCrypt.cpp to make create_crypto_blk_dev more general" am: 7566e467ab am: b272b21a0a
Change-Id: I6afc145de2a06a5d3bb9af516fa20cdeeb4f2c56
2020-02-14 21:19:41 +00:00
Paul Crowley
b272b21a0a Merge "Refactor MetadataCrypt.cpp to make create_crypto_blk_dev more general" am: 7566e467ab
Change-Id: Ib59c92bf516a171bfebc7c11be92502b37acf375
2020-02-14 21:07:09 +00:00
Paul Crowley
7566e467ab Merge "Refactor MetadataCrypt.cpp to make create_crypto_blk_dev more general" 2020-02-14 20:48:35 +00:00
Paul Crowley
85d1c77ff6 Merge changes Ic3993c1f,I06645bb4 am: ac34e9aa3e am: b62afed286 am: 54d05de798
Change-Id: Ib122e011bb7be162b76b94a31885863d2aff6d1e
2020-02-14 18:57:33 +00:00
Paul Crowley
54d05de798 Merge changes Ic3993c1f,I06645bb4 am: ac34e9aa3e am: b62afed286
Change-Id: Id009631e1622d1534674332a1f146934fb4841a5
2020-02-14 18:45:55 +00:00
Paul Crowley
b62afed286 Merge changes Ic3993c1f,I06645bb4 am: ac34e9aa3e
Change-Id: I4e11f42f1f302f8a08f60756cf08356aac8652cd
2020-02-14 18:25:49 +00:00
Paul Crowley
ac34e9aa3e Merge changes Ic3993c1f,I06645bb4
* changes:
  Generalize CryptoType infrastructure
  Refactor CryptoType to use better names, and size_t not uint32_t
2020-02-14 18:17:56 +00:00
Martijn Coenen
8b31810922 Merge "Stop using a regex for setupAppDir." 2020-02-14 11:44:13 +00:00
Paul Crowley
572c024853 Refactor MetadataCrypt.cpp to make create_crypto_blk_dev more general
Bug: 147814592
Test: Treehugger
Change-Id: I13c6f84d729f2953f78626493d6e6d34d578a013
2020-02-14 01:15:35 -08:00
Paul Crowley
220567c33a Generalize CryptoType infrastructure
More consistency between MetadataCrypt and cryptfs, and steps towards
supporting Adiantum properly in MetadataCrypt.

Test: create private volume on Cuttlefish
Bug: 147814592
Change-Id: Ic3993c1fde11b4f5a9e6cc8ee588a7d92241c6ab
2020-02-14 00:48:27 -08:00
Risan
73a7a85c85 Passed kUsb and kSd flags
Initially, we were thinking of passing kInternal for non-USB drive/SD card
drives (for local external storage like a directory shared from ChromeOS).
Fortunately, the DocumentsUI logic apparently has TYPE_LOCAL with
R.drawable.ic_root_smartphone (that is overlayable) for external storage
other than TYPE_USB and TYPE_SD.

Therefore, instead of creating a kInternal flag, we can just pass kUsb
and kSd and not pass anything for "internal external storage", which
will render ic_root_usb, ic_root_sd, and ic_root_smartphone as icons
accordingly. And since ic_root_smartphone is already overlayable, we
could overlay it in /vendor, which effectively is what we initially
wanted when thinking of introducing the kInternal flag.

Bug: 132796154
Test: Customize flags in /vendor for different devices and DocumentsUI
shows the ic_root_smartphone (which can be overlayed) when kUsb is not
passed, and USB icon when kUsb is passed.
Change-Id: I55f13e214bbb2aeed96b6950bcf391121174c354
2020-02-14 04:38:59 +00:00
TreeHugger Robot
dd85fe2e5e Merge "Add disk for StubVolume" 2020-02-14 04:35:15 +00:00
Paul Crowley
a661fb659b Refactor CryptoType to use better names, and size_t not uint32_t
Test: treehugger
Bug: 147814592
Change-Id: I06645bb4941794797beebf05b817c4ac52e09cd7
2020-02-13 16:40:25 -08:00
Martijn Coenen
b5a31c9985 Stop using a regex for setupAppDir.
This was hard to read and understand. Instead, fall back to explicit
string operations with more comments on what we're doing and what we're
allowing.

This also fixes an issue where apps were asking us to create dirs on
their behalf that are more than 2 levels deep, eg
com.foo/files/downloads; I thought such paths weren't allowed, but
apparently they are (and there's no good reason for us to not set them
up correctly).

Bug: 149407572
Test: launch opera
Change-Id: I7c64831032b66e90960b96e41ee42c7d616a759c
2020-02-13 23:37:12 +01:00
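The commit above replaces a regex with explicit string operations when deciding which app-directory paths vold will create, and notes that paths more than two levels below the package directory are legitimate. The following is an added illustration written for this page, not vold's setupAppDir code, of how such a check can be done component by component so that traversal components are rejected wherever they appear while arbitrary depth under the package directory is still allowed. The storage prefix, the set of allowed roots (Android/data and Android/obb) and the package-name syntax are assumptions chosen for the example.

```python
"""Component-by-component validation of an app-directory path.

Added example for this page, not vold's own code. Assumptions: the
storage prefix, the allowed roots and the package-name syntax below are
illustrative choices, not vold's actual rules.
"""
import re
from typing import Tuple

STORAGE_PREFIX = "/storage/emulated/"   # assumed prefix for illustration
ALLOWED_ROOTS = ("data", "obb")         # assumed: Android/data and Android/obb
# Assumed package-name syntax: dot-separated Java-style identifiers, >= 2 segments.
_PKG_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_]*(\.[A-Za-z][A-Za-z0-9_]*)+$")


def validate_app_dir(path: str) -> Tuple[bool, str]:
    """Accept /storage/emulated/<user>/Android/<root>/<package>[/<sub>/...].

    Any depth below the package directory is allowed (e.g. files/downloads),
    but every component is inspected individually, so '..', '.' and empty
    components (from '//' or a trailing '/') are rejected wherever they occur.
    Returns (ok, reason) so callers can log why a request was refused.
    """
    if not path.startswith(STORAGE_PREFIX):
        return False, "not under the storage prefix"
    parts = path[len(STORAGE_PREFIX):].split("/")
    # A single '..' anywhere would let the caller escape its own directory,
    # so check all components before looking at the expected layout.
    for comp in parts:
        if comp in ("", ".", ".."):
            return False, f"illegal path component {comp!r}"
    if len(parts) < 4:
        return False, "too shallow: need <user>/Android/<root>/<package>"
    user, android, root, pkg = parts[:4]
    if not (user.isascii() and user.isdigit()):
        return False, "user id is not numeric"
    if android != "Android":
        return False, "third component must be 'Android'"
    if root not in ALLOWED_ROOTS:
        return False, f"root {root!r} is not an allowed app-dir root"
    if not _PKG_RE.fullmatch(pkg):
        return False, f"invalid package name {pkg!r}"
    return True, "ok"
```

The reason string is what makes this approach easier to read than a single regex: each refused request names the rule it broke, and adding or relaxing a rule (such as allowing deeper paths) is a one-line change with an obvious effect.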
Automerger Merge Worker
50f7de29be Merge "Use DM layer directly to manage private DM volumes" am: dd12ea5bd2 am: 47aff8772d am: e3609aa837
Change-Id: I663a0ad6990acfc2cd936b52e39b346c2e48b6ed
2020-02-13 19:08:54 +00:00
Automerger Merge Worker
e3609aa837 Merge "Use DM layer directly to manage private DM volumes" am: dd12ea5bd2 am: 47aff8772d
Change-Id: Id3af32b4e83fbfc71492d9050b2215a04b7830a9
2020-02-13 18:59:58 +00:00
Automerger Merge Worker
47aff8772d Merge "Use DM layer directly to manage private DM volumes" am: dd12ea5bd2
Change-Id: Ifb77dd72e810e758ac3a6105e13f7ea4341dca36
2020-02-13 18:43:57 +00:00
Paul Crowley
dd12ea5bd2 Merge "Use DM layer directly to manage private DM volumes" 2020-02-13 18:35:26 +00:00
Martijn Coenen
1dc4f816bd Merge "Retry deleting dm devices." 2020-02-13 18:17:42 +00:00
Martijn Coenen
26ad7b34d1 Retry deleting dm devices.
For some reason this can be racy; until we understand the root cause,
retry to unblock presubmit.

Bug: 149396179
Test: atest AdoptableHostTest no longer hangs
Change-Id: I3fb4f1d966172bac2f6c52d41c4564f905765212
2020-02-13 16:56:07 +01:00
Automerger Merge Worker
395edfede5 Merge "Pass volume key as a KeyBuffer" am: 334a684557 am: 4d37b4f980 am: aebcc399ea
Change-Id: I7f410a56f2c301557657f9357494bcf97c7cf92d
2020-02-13 05:41:52 +00:00
Automerger Merge Worker
aebcc399ea Merge "Pass volume key as a KeyBuffer" am: 334a684557 am: 4d37b4f980
Change-Id: Ia5a1a2f96ba406987c60cc8fa4d94bea33b68644
2020-02-13 05:30:57 +00:00
Automerger Merge Worker
4d37b4f980 Merge "Pass volume key as a KeyBuffer" am: 334a684557
Change-Id: I017400aa3ef988435914ef2770b20bd78a0c1c10
2020-02-13 05:17:07 +00:00
Treehugger Robot
334a684557 Merge "Pass volume key as a KeyBuffer" 2020-02-13 05:10:31 +00:00
Martijn Coenen
71d1a77ef5 Merge "Remove appDirRoot argument from setupAppDir." 2020-02-13 00:08:25 +00:00
Automerger Merge Worker
30b1a73b3a Merge "vold: Support Storage keys for FBE" am: 8cfb530357 am: aafbd4066a am: 54d5e5ca1e
Change-Id: I7232b8c40cd5606ce6ec801d88df9768405ffa3b
2020-02-13 00:06:10 +00:00
Automerger Merge Worker
54d5e5ca1e Merge "vold: Support Storage keys for FBE" am: 8cfb530357 am: aafbd4066a
Change-Id: I8beed2f9939aada8735df5b9c5d0deb9bb3eb5ce
2020-02-12 23:43:53 +00:00
Automerger Merge Worker
aafbd4066a Merge "vold: Support Storage keys for FBE" am: 8cfb530357
Change-Id: I933a31eefe57b8b06513ca3e7a2ee874a1b680a1
2020-02-12 23:37:24 +00:00
Treehugger Robot
8cfb530357 Merge "vold: Support Storage keys for FBE" 2020-02-12 23:32:29 +00:00
Paul Crowley
659b63fe00 Use DM layer directly to manage private DM volumes
Abolish cryptfs_revert_ext_volume, handle in caller. This allows us to
use DeleteDeviceIfExists, avoiding a spurious error message.

Test: create private volume on Cuttlefish, eject, check logs
Bug: 147814592
Change-Id: I836d8bd11b29e32da0863aaa75144543bb9cab9c
2020-02-12 14:26:38 -08:00
Paul Crowley
3d98f5d159 Pass volume key as a KeyBuffer
Not for security, but for consistency with the way we handle other
keys, and to move the length check to where it belongs.

Test: create private volume on Cuttlefish
Bug: 147814592
Change-Id: I10fc4896183d050ce25ff174faf78f525cf62930
2020-02-12 14:26:38 -08:00
Barani Muthukumaran
3dfb094cb2 vold: Support Storage keys for FBE
To prevent keys from being compromised if an attacker
acquires read access to kernel memory, some inline
encryption hardware supports protecting the keys in
hardware without software having access to or the
ability to set the plaintext keys.  Instead, software
only sees "wrapped keys", which may differ on every boot.

The 'wrappedkey_v0' fileencryption flag is used to denote
that the device supports inline encryption hardware that
supports this feature. On such devices keymaster is used
to generate keys with the STORAGE_KEY tag and export a
per-boot ephemerally wrapped storage key to install it in
the kernel.

The wrapped key framework in the linux kernel ensures the
wrapped key is provided to the inline encryption hardware
where it is unwrapped and the file contents key is derived
to encrypt contents without revealing the plaintext key in
the clear.

Test: FBE validation with Fscrypt v2 + inline crypt + wrapped
key changes kernel.

Bug: 147733587

Change-Id: I1f0de61b56534ec1df9baef075acb74bacd00758
2020-02-12 14:26:26 -08:00
Greg Kaiser
724f0092a3 Avoid extra string copy
We directly pass a reference to our std::string, instead of
forcing the creation of a temporary std::string from the
result of c_str().

Test: TreeHugger
Change-Id: Ibab13f1e1ff43af076df60ae4032bf9dd111dd27
2020-02-12 07:11:09 -08:00
Martijn Coenen
8a68a075a2 Remove appDirRoot argument from setupAppDir.
This is no longer needed, because vold can deduce this itself now.

Bug: 146419093
Test: builds
Change-Id: Ib4f4a4109919af683722a63b305b343ef5fe972d
2020-02-12 15:38:45 +01:00
Martijn Coenen
d0d7640403 Merge changes I32bfced0,I3178694e,Icb8911f6
* changes:
  Set quota project ID and inheritance on top-level storage directory.
  Set default ACL on application-specific directories.
  Use a regex to create application directories.
2020-02-12 14:19:27 +00:00
Martijn Coenen
fd9cdbf124 Set quota project ID and inheritance on top-level storage directory.
When creating external storage directories like /data/media/0, make sure
we set the quota project ID correctly, and enable project ID
inheritance. This ensures that all directories/files under this will be
created with the correct project ID and inheritance as well.

Bug: 146419093
Test: lsattr -p on /data/media
Change-Id: I32bfced0d67eb8c1865897b085324f00c55926a0
2020-02-12 13:18:46 +01:00
Martijn Coenen
879fa8015d Set default ACL on application-specific directories.
On devices without sdcardfs, application-specific directories have a
particular GID that ensures some privileged daemons (like installers) are
able to write to them. Android applications, however, run with a umask of
0077, which means that any subdirectory they create within their
app-specific directory has mode 700, which in turn prevents things like
DownloadManager from working, since it can be asked to download into a
subdir of the app's private storage.

To prevent this from happening, set a default 770 ACL on the top-level
app-specific directory (eg, /data/media/0/Android/data/com.foo); the
effect of that default ACL is that all directories that are created
within these directories automatically get a 770 mask, regardless of the
umask that the process has.

Bug: 146419093
Test: atest FuseDaemonHostTest on cf_x86 (without sdcardfs)

Change-Id: I3178694e6d25ce3d04a0918ac66862f644635704
2020-02-12 13:18:44 +01:00
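The commit above relies on a property of POSIX default ACLs: when the parent directory carries one, the kernel does not apply the creating process's umask but instead ANDs the requested mode with the ACL's permissions. The following added example, written for this page and not taken from vold, encodes a 770 default ACL in the kernel's system.posix_acl_default xattr format (a 4-byte little-endian version header followed by 8-byte tag/perm/id entries) and contrasts the resulting child mode with the umask-only case the message describes. The layout constants are the Linux posix_acl_xattr format; set_default_acl() assumes a Linux filesystem with ACL support and is not exercised by the checks.

```python
"""Encode a POSIX default ACL as a system.posix_acl_default xattr blob and
show why children created under it ignore the process umask.

Added example for this page, not vold's code. The constants below are the
Linux posix_acl_xattr layout; set_default_acl() assumes Linux with ACL
support on the target filesystem.
"""
import os
import struct
from typing import List, Tuple

POSIX_ACL_XATTR_VERSION = 0x0002
ACL_USER_OBJ, ACL_GROUP_OBJ, ACL_OTHER = 0x01, 0x04, 0x20
ACL_UNDEFINED_ID = 0xFFFFFFFF            # id field for the three base entries
XATTR_NAME_POSIX_ACL_DEFAULT = "system.posix_acl_default"


def encode_default_acl(mode: int) -> bytes:
    """Minimal default ACL (owner, owning group, other) derived from a mode
    such as 0o770. There are no named user/group entries, so no ACL_MASK
    entry is required."""
    entries = (
        (ACL_USER_OBJ, (mode >> 6) & 0o7),
        (ACL_GROUP_OBJ, (mode >> 3) & 0o7),
        (ACL_OTHER, mode & 0o7),
    )
    blob = struct.pack("<I", POSIX_ACL_XATTR_VERSION)
    for tag, perm in entries:
        blob += struct.pack("<HHI", tag, perm, ACL_UNDEFINED_ID)
    return blob


def decode_acl(blob: bytes) -> List[Tuple[int, int, int]]:
    """Parse an xattr blob back into (tag, perm, id) entries, rejecting the
    same malformed shapes the kernel rejects (bad version, stray bytes)."""
    if len(blob) < 4 or (len(blob) - 4) % 8 != 0:
        raise ValueError("bad ACL xattr length")
    (version,) = struct.unpack_from("<I", blob, 0)
    if version != POSIX_ACL_XATTR_VERSION:
        raise ValueError("unsupported ACL xattr version")
    return [struct.unpack_from("<HHI", blob, off) for off in range(4, len(blob), 8)]


def child_mode_without_default_acl(requested: int, umask: int) -> int:
    """No default ACL on the parent: the VFS applies the umask, so an app
    with umask 0o077 calling mkdir(..., 0o777) gets a 0o700 directory."""
    return requested & ~umask & 0o777


def child_mode_with_default_acl(requested: int, default_acl_mode: int) -> int:
    """Default ACL present: the umask is skipped and the requested mode is
    ANDed with the ACL permissions, so mkdir(..., 0o777) under a 0o770
    default ACL yields 0o770 regardless of the umask."""
    return requested & default_acl_mode & 0o777


def set_default_acl(directory: str, mode: int = 0o770) -> None:
    """Install the default ACL on a directory (Linux, ACL-capable filesystem)."""
    os.setxattr(directory, XATTR_NAME_POSIX_ACL_DEFAULT, encode_default_acl(mode))
```

Note that the ACL only ever removes permission bits: a child requested with 0o755 under a 0o770 default ACL becomes 0o750, so the 'other' bits stay clear for every subdirectory no matter what mode the app asks for.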
Risan
82e90de23d Add disk for StubVolume
StubVolume is a volume type for ARC++ external storage. Named StubVolume
because it is managed from outside Android (not through the Android kernel).

Previously, StubVolume was a diskless volume. However, as mentioned in
jsharkey@'s email, a disk is needed for StubVolume to hold "kInternal"
(an external storage type that is "external" from Android's perspective,
but is "internal" to the device; for example, a shared directory from
ChromeOS to Android) and "kIndexable" (whether or not a disk should be
indexed by MediaStore).

The addition of a disk means we could expose the createStubVolume API to
add disk flags, which is also introduced in this CL.

Both kInternal and kIndexable will be introduced in a separate CL.

Bug: 132796154
Test: Mount/unmount ARC++ removable device in ChromeOS.
Change-Id: I8b77fa1cf50ab38a2892272154dafdb78f079378
2020-02-12 07:42:40 +00:00
Automerger Merge Worker
d74f4949de Merge "Have vold inform keymaster that early boot ended" am: 68b9fb10ae am: fce0d92ce4 am: bf352873ad
Change-Id: I3aaebfcca61c92667de114d477cbbcf35d23bcd9
2020-02-12 04:50:35 +00:00
Automerger Merge Worker
bf352873ad Merge "Have vold inform keymaster that early boot ended" am: 68b9fb10ae am: fce0d92ce4
Change-Id: If58cc1911c477ac9bed03fc39952a573db71651e
2020-02-12 04:35:10 +00:00