tequilaOS/platform_system_vold

Author	SHA1	Message	Date
Howard Chen	fc8d1c7d37	Merge "Make the deleteAllKey feature aware of the DSU mode" am: `d718c8c577` am: `9c2577b823` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1826054 Change-Id: I5236ae0e54e9c95576f1b4b2ac58544d3a0468f0	2021-09-22 04:36:51 +00:00
Howard Chen	9c2577b823	Merge "Make the deleteAllKey feature aware of the DSU mode" am: `d718c8c577` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1826054 Change-Id: I55554e2a0545de6a747e44f5967534fe16d1341a	2021-09-22 04:22:35 +00:00
Howard Chen	d718c8c577	Merge "Make the deleteAllKey feature aware of the DSU mode"	2021-09-22 04:09:18 +00:00
Daniel Rosenberg	b476bc2041	Merge "Fix the incorrect parameter quota when userdata is formatted with EXT4" am: `8bd25f8e74` am: `9788b022dd` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1825558 Change-Id: I1429919b9b952488484e51e88a5ff8a5c5ad24d0	2021-09-20 22:19:15 +00:00
Daniel Rosenberg	9788b022dd	Merge "Fix the incorrect parameter quota when userdata is formatted with EXT4" am: `8bd25f8e74` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1825558 Change-Id: I258381abf0a516987abad5357165f8cc6daec4fd	2021-09-20 22:02:27 +00:00
Daniel Rosenberg	8bd25f8e74	Merge "Fix the incorrect parameter quota when userdata is formatted with EXT4"	2021-09-20 21:44:44 +00:00
Howard Chen	cbc1bdba59	Make the deleteAllKey feature aware of the DSU mode Currently, the vold detects the factory reset by checking the metadata encryption key. This logic is only valid when the device is not in DSU mode. Bug: 199222795 Test: run DSU installation on a Pixel device Change-Id: Ib40bd44d2ef7c872eba177c9ccfefac8934a49e6	2021-09-15 01:59:59 +00:00
lin.gui	3101ac01ac	Fix the incorrect parameter quota when userdata is formatted with EXT4 The userdata will be formatted by VOLD during bootup when the userdata is not completed file system(EXT4 or F2FS). For EXT4 on userdata and quota feature is enabled. the parameter quota is incorrect in ext4::Format(). Change the parameter from quotatype=prjquota to quotatype=usrquota:grpquota:prjquota. Bug: 199802158 Test: run cts-on-gsi -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.StorageHostTest Change-Id: Ibff10e8e67b4e6ffabea97f534ff6551aed91963	2021-09-14 02:05:27 +00:00
Thiébaud Weksteen	0bef24b06b	Merge "Replace security_context_t type" am: `530329222f` am: `cdbde55e7b` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1824052 Change-Id: Id934c4e2995134c5e1463e972ca7a2a27050aa2b	2021-09-10 11:53:41 +00:00
Thiébaud Weksteen	cdbde55e7b	Merge "Replace security_context_t type" am: `530329222f` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1824052 Change-Id: Ie3c20ee9187f349c308798ec370f7aa754fdfa85	2021-09-10 11:31:07 +00:00
Thiébaud Weksteen	530329222f	Merge "Replace security_context_t type"	2021-09-10 11:17:18 +00:00
Thiébaud Weksteen	ae8550fd20	Replace security_context_t type security_context_t has been marked as deprecated in libselinux from version 3.2. Update to the `char*` type. Bug: 190808996 Test: m Change-Id: I6f40e161251c79893d41e12c368715736578aacc	2021-09-10 10:54:19 +02:00
Keith Mok	7586bba487	Merge "Set a property if seed binding is enabled." am: `cc63a93fd6` am: `d5f0a5751e` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1816736 Change-Id: Idfb5e71271458418b23abf8741f2b0179435dc3a	2021-09-02 00:33:43 +00:00
Keith Mok	d5f0a5751e	Merge "Set a property if seed binding is enabled." am: `cc63a93fd6` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1816736 Change-Id: I80fde534da01e49298c9e7b82617befa32959414	2021-09-02 00:18:47 +00:00
Keith Mok	cc63a93fd6	Merge "Set a property if seed binding is enabled."	2021-09-01 23:55:08 +00:00
Keith Mok	e8600253ac	Set a property if seed binding is enabled. For vehicle binding seed atest Bug: 157501579 Test: atest vehicle-binding-seed-sh Change-Id: Ie1dad1735193ce722ec036e38f826a6b90e94526	2021-09-01 22:06:10 +00:00
Xin Li	8148068444	[automerger skipped] Merge sc-dev-plus-aosp-without-vendor@7634622 am: `b9d97763d2` -s ours am skip reason: Merged-In I78039d08a9bc7d9a2d285744e6d64f4af6ac851a with SHA-1 `e4190a395a` is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15571875 Change-Id: I8578a86264433ab71215153d95274053e2def3c9	2021-08-17 18:35:58 +00:00
Xin Li	b9d97763d2	Merge sc-dev-plus-aosp-without-vendor@7634622 Merged-In: I78039d08a9bc7d9a2d285744e6d64f4af6ac851a Change-Id: I958ef629f8ca43d6539ae90e037b846d9e0b44a3	2021-08-14 06:31:09 +00:00
Paul Crowley	068fbe2ea9	[automerger skipped] Merge "Revert^2 "Detect factory reset and deleteAllKeys"" into sc-dev am: `1566a5bf00` -s ours am skip reason: skipped by user paulcrowley Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15547746 Change-Id: Ib9daf1c3d27f913c99eddf09c29a45a9387fbca9	2021-08-13 13:50:16 +00:00
Paul Crowley	1566a5bf00	Merge "Revert^2 "Detect factory reset and deleteAllKeys"" into sc-dev	2021-08-13 02:33:43 +00:00
Paul Crowley	d31f36d334	Revert^2 "Detect factory reset and deleteAllKeys" Revert submission 15536724-revert-15521094-vold-deleteAllKeys-GDJSMLXRVZ Reason for revert: Underlying KM problem fixed Reverted Changes: I8e2621bef:Revert "Detect factory reset and deleteAllKeys" I546b980bb:Revert "Add deleteAllKeys to IKeystoreMaintenance"... I1ed68dd9e:Revert "Allow vold to deleteAllKeys in Keystore" Bug: 187105270 Test: booted Cuttlefish twice Merged-In: `1e6a5f5106` Change-Id: Id641444b4ebba951aa8c5474ed60844cfaae1e20	2021-08-13 01:44:46 +00:00
Shawn Willden	e4190a395a	[automerger skipped] Merge "Revert "Detect factory reset and deleteAllKeys"" into sc-dev am: `90c818d9ee` -s ours am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 `1e6a5f5106` is already in history. Merged-In was found from reverted change. Reverted change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876 Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15536478 Change-Id: I78039d08a9bc7d9a2d285744e6d64f4af6ac851a	2021-08-12 01:31:31 +00:00
Shawn Willden	90c818d9ee	Merge "Revert "Detect factory reset and deleteAllKeys"" into sc-dev	2021-08-12 01:17:13 +00:00
Shawn Willden	2bab97c368	Revert "Detect factory reset and deleteAllKeys" Revert "Add deleteAllKeys to IKeystoreMaintenance" Revert "Enable deleteAllKeys from vold" Revert "Allow vold to deleteAllKeys in Keystore" Revert submission 15521094-vold-deleteAllKeys Reason for revert: Causes infinite loop in Trusty KeyMint Reverted Changes: I9c5c54714:Detect factory reset and deleteAllKeys I2fb0e94db:Allow vold to deleteAllKeys in Keystore Id23f25c69:Add deleteAllKeys to IKeystoreMaintenance Ife779307d:Enable deleteAllKeys from vold I4312b9a11:Enable deleteAllKeys from vold Bug: 187105270 Change-Id: I8e2621bef234d0a59be422b8d1d8d52a91378a5e	2021-08-12 01:07:00 +00:00
TreeHugger Robot	d7b96bc64f	Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev am: `8f19fd90e3` Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15534270 Change-Id: Ieaa3ce08c20df998a8141c77a7f771e40e1c6d0a	2021-08-11 23:16:01 +00:00
TreeHugger Robot	8f19fd90e3	Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev	2021-08-11 22:59:40 +00:00
Paul Crowley	2160b23d14	[automerger skipped] Detect factory reset and deleteAllKeys am: `0f74bd4811` -s ours am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 `1e6a5f5106` is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876 Change-Id: Idcba5a41ce50b3c043a8b80b74d90de0aef50f18	2021-08-11 22:00:38 +00:00
[6;7~	2601eb7f8c	Add ROLLBACK_RESISTANCE tag to key usage If KM is upgraded from a version that does not support rollback resistance to one that does, we really want our upgraded keys to include rollback resistance. By passing this tag in when we use the keys, we ensure that the tag is passed into the upgradeKey request whenever it is made, which some KM implementations can use to add rollback resistance to our keys. Bug: 187105270 Ignore-AOSP-First: no merge path to this branch from AOSP. Test: Manual Change-Id: I6154fe26a10b60cd686cc60dbc2e0a85c152f43b	2021-08-11 14:22:41 -07:00
Paul Crowley	c248576dad	Merge "Detect factory reset and deleteAllKeys" am: `407b2c2386` am: `85961f7a9c` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1789528 Change-Id: I7608e0cccc2c145f722e0fa85b922af9b1d2d8d6	2021-08-11 18:13:25 +00:00
Paul Crowley	85961f7a9c	Merge "Detect factory reset and deleteAllKeys" am: `407b2c2386` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1789528 Change-Id: Ibc05df1c5ceede35fdca6d1e6a5abd67e70519f5	2021-08-11 17:52:00 +00:00
Paul Crowley	0f74bd4811	Detect factory reset and deleteAllKeys Where metadata encryption is enabled, if there is no metadata encryption key present and we are generating one anew, then there has been a factory reset, and this is the first key to be generated. We then call deleteAllKeys to ensure data from before the factory reset is securely deleted. This shouldn't really be necessary; the factory reset call itself should be doing this. However there are currently three factory reset paths (settings, recovery, fastboot -w) and it is not clear that all three are doing this correctly on all devices. Obviously an attacker can prevent this code from being run by running a version of the OS that does not include this change; however, if the bootloader is locked, then keys will be version bound such that they will only work on locked devices with a sufficiently recent version of the OS. If every sufficiently recent signed version of the OS includes this change the attack is defeated. Bug: 187105270 Test: booted Cuttlefish twice, checked logs Ignore-AOSP-First: no merge path to this branch from AOSP. Merged-In: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e Change-Id: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e	2021-08-11 10:43:58 -07:00
Paul Crowley	407b2c2386	Merge "Detect factory reset and deleteAllKeys"	2021-08-11 17:39:55 +00:00
Paul Crowley	1e6a5f5106	Detect factory reset and deleteAllKeys Where metadata encryption is enabled, if there is no metadata encryption key present and we are generating one anew, then there has been a factory reset, and this is the first key to be generated. We then call deleteAllKeys to ensure data from before the factory reset is securely deleted. This shouldn't really be necessary; the factory reset call itself should be doing this. However there are currently three factory reset paths (settings, recovery, fastboot -w) and it is not clear that all three are doing this correctly on all devices. Obviously an attacker can prevent this code from being run by running a version of the OS that does not include this change; however, if the bootloader is locked, then keys will be version bound such that they will only work on locked devices with a sufficiently recent version of the OS. If every sufficiently recent signed version of the OS includes this change the attack is defeated. Bug: 187105270 Test: booted Cuttlefish twice, checked logs Change-Id: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e	2021-08-11 10:29:59 -07:00
Treehugger Robot	ff366fab5f	Merge "Remove ndk_platform backend. Use the ndk backend." am: `85705f6c86` am: `e66b2b4015` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1778413 Change-Id: I3bf1a2b23581bb543ec1496bb60f5d8052076fce	2021-07-28 12:49:02 +00:00
Treehugger Robot	e66b2b4015	Merge "Remove ndk_platform backend. Use the ndk backend." am: `85705f6c86` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1778413 Change-Id: Ic80a30be678fd7427ee7239f8cdb758dfd483940	2021-07-28 12:35:52 +00:00
Treehugger Robot	85705f6c86	Merge "Remove ndk_platform backend. Use the ndk backend."	2021-07-28 12:26:13 +00:00
Nikita Ioffe	78c9cba6a5	Merge "Remove vold logs related to block devices" am: `cbf82ffa29` am: `9bf8553f8d` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1779986 Change-Id: I0f5f606384ccebf21e618617a2dd7e12cc4db7b6	2021-07-28 11:26:30 +00:00
Nikita Ioffe	9bf8553f8d	Merge "Remove vold logs related to block devices" am: `cbf82ffa29` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1779986 Change-Id: I81accecbb47c158de761df31fe078aaa27332006	2021-07-28 11:15:08 +00:00
Nikita Ioffe	cbf82ffa29	Merge "Remove vold logs related to block devices"	2021-07-28 11:01:01 +00:00
Nikita Ioffe	b881fc4feb	Remove vold logs related to block devices Since every APEX requires at least one loop device, now most of the block devices on a device are not managed by vold. This change removes some log statements around block devices that vold is not aware of. Test: device boots Test: adb logcat Change-Id: I8efa22023c1f888e75f40178fac464af4457df3c	2021-07-28 02:58:57 +01:00
Jiyong Park	973e05938d	Remove ndk_platform backend. Use the ndk backend. The ndk_platform backend will soon be deprecated because the ndk backend can serve the same purpose. This is to eliminate the confusion about having two variants (ndk and ndk_platform) for the same 'ndk' backend. Bug: 161456198 Test: m Change-Id: I87554ce86da0f862568c5aa84a21e6613655eb25	2021-07-27 12:21:11 +09:00
Keith Mok	a3f7a54366	Merge "Add command for setting the key binding seed" am: `2d76731968` am: `7aec273c8d` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1757970 Change-Id: If53ae63a91b702e09297c1d916394aee99eee8d2	2021-07-15 21:35:55 +00:00
Keith Mok	7aec273c8d	Merge "Add command for setting the key binding seed" am: `2d76731968` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1757970 Change-Id: I4fe8e883754c0c8322fb8223cdb64904da516972	2021-07-15 21:26:35 +00:00
Keith Mok	2d76731968	Merge "Add command for setting the key binding seed"	2021-07-15 20:47:42 +00:00
Sean Keys	8452f41d4a	Add command for setting the key binding seed The seed value is passed to vold early in startup so that the key-encryption keys are bound to the seed. This is useful for systems like auto, in which the Android device may not require credentials to use. In that case, the device should be bound to the rest of the system (the car, in the case of auto) to guard against theft. Test: manual Change-Id: I2e16387b0752a30ef226b5ddf32ebf955aa9610a	2021-07-13 23:41:50 +00:00
Eric Biggers	3746f5a475	[automerger skipped] Ignore too-early earlyBootEnded on FDE devices am: `2ddc1338d7` -s ours am skip reason: Merged-In I03f816db194a8276ad19ca99b3c8894e8a5fed23 with SHA-1 `4859e0ca0f` is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15109082 Change-Id: I0f1cde2384d1848bd4c5da8764dc5a350a56b1bd	2021-06-25 21:06:58 +00:00
Eric Biggers	9f749bcb19	Merge "Ignore too-early earlyBootEnded on FDE devices" am: `a3bd31c170` am: `979429e6c3` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1747633 Change-Id: Iff37e24d06efedebf682c37b79fdc8ec868b0739	2021-06-25 20:11:40 +00:00
Eric Biggers	979429e6c3	Merge "Ignore too-early earlyBootEnded on FDE devices" am: `a3bd31c170` Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1747633 Change-Id: Ida62bd5cdab40ce459ba45d20a13c09545b4d938	2021-06-25 19:57:37 +00:00
Eric Biggers	2ddc1338d7	Ignore too-early earlyBootEnded on FDE devices Don't call IKeystoreMaintenance::earlyBootEnded() too early on FDE devices, so that keystore2 doesn't have to be restarted. Bug: 192090857 Test: Tested FDE on Cuttlefish, both first and non-first boots. Verified via log that earlyBootEnded is now called only when it should be, and that keystore2 no longer has to be restarted. Change-Id: I03f816db194a8276ad19ca99b3c8894e8a5fed23 (cherry picked from commit `4859e0ca0f`) Merged-In: I03f816db194a8276ad19ca99b3c8894e8a5fed23	2021-06-25 12:44:08 -07:00
Eric Biggers	a3bd31c170	Merge "Ignore too-early earlyBootEnded on FDE devices"	2021-06-25 19:43:02 +00:00

1 2 3 4 5 ...

4913 commits