Commit graph

45 commits

Author SHA1 Message Date
Zim
5048b4b2bc Add mount callback
Mounting a FUSE path needs two steps:
1. Mounting the filesystem
2. Starting the FUSE session in the FUSE daemon

The second part requires retriving an fd from (1) and the mount paths
and passing it to the FUSE daemon.

Previously, we'd return from the Vold mount call and mark the volume
as mounted while we scramble to do (2). This means there's a time
period where the Volume is marked as MOUNTED but not actually ready
and any IO access on the paths will hang forever. This could also be
misleading when interpreting bug reports.

Now, we block the Vold mount call until the FUSE session is started

Test: atest AdoptableHostTest
Bug: 144275217

Change-Id: I45238a31df71286f67ef1c65c711d0085d72e97f
2019-11-22 17:06:04 +01:00
Paul Crowley
7ee93a66bb Merge "Remove libfscrypt now it's in libfs_mgr" am: 43f8298bdd am: ce187e7fd6
am: ff5ad94627

Change-Id: Ibeaec1d3fd09893706cd927ff715f5f76d516749
2019-10-30 20:44:43 -07:00
Paul Crowley
8bf310b9f3 Remove libfscrypt now it's in libfs_mgr
Now that we include libfscrypt in libfs_mgr via whole_static_libs we
should not reference it directly.

Bug: 143307095
Test: treehugger
Change-Id: I4cd138b50131ec8ce7835d9604c89c99cae53212
2019-10-30 13:34:49 -07:00
Tao Bao
8679d9e0e9 Merge "Mark libvold_headers as recovery_available." am: 4a13731f08 am: 51143b3555 am: 4ac5065a5d
am: 0ad2c38fc3

Change-Id: Icbaa1be2e9ad4c43e3a18f021fa01a247b21be83
2019-10-03 17:35:35 -07:00
Tao Bao
b1bbc7079c Mark libvold_headers as recovery_available.
recovery modules use <cryptfs.h> (in particular CRYPT_FOOTER_OFFSET).

Test: mmma bootable/recovery
Change-Id: I97b038476ccbeb0a5ac4a6cde86063325bdbb152
2019-10-02 10:50:53 -07:00
Steven Moreland
cbf87ff82c Merge "Remove libhwbinder/libhidltransport deps" am: 88a19b6fe1 am: e3b772e0f7 am: 149f8d0754
am: caeeec6490

Change-Id: Iad05e6116469acd0a2e019c577e5ab05ef6c99bd
2019-09-06 16:28:35 -07:00
Steven Moreland
4496ef9d34 Remove libhwbinder/libhidltransport deps
Since these were combined into libhidlbase.

Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I890b572d537d66ecb49effd8efc782279c52956e
2019-09-05 14:18:22 -07:00
David Anderson
7cd6ceb835 Merge "libdm now requires linking to libext2_uuid." am: 9e821da9fe am: e91c2686e9 am: d26cb98c4d
am: 0be952d362

Change-Id: Icaa2f68ea5857df5dda76ebeb0ade0bbc9d26ccc
2019-07-12 17:34:58 -07:00
David Anderson
10de69d7bb libdm now requires linking to libext2_uuid.
Bug: 135771280
Test: mm vold -j
Change-Id: Id71c71926841581d4d3bc4a66f4c06294df21028
2019-06-27 13:41:03 -07:00
Janis Danisevskis
1e782f0277 Keymaster memory management is inconsistent
Objects derived from RefBase should always be owned by sp rather then
unique_ptr or other smart pointer implementations.

Bug: 79474587
Change-Id: I6a3ca04b3a3bab74c6114643ffdaeac537188d12
2019-06-12 13:27:20 -07:00
Treehugger Robot
94f300295d Merge "Match src paths with aidl package name" 2019-06-06 02:19:19 +00:00
Dan Willemsen
87c7f882dd Match src paths with aidl package name
In order for the build system to track updates to the header files
during incremental builds, always specify the src files using the same
path as the package for C++ compilations.

Bug: 112114177
Test: treehugger
Change-Id: I9a2d638cbde46f67e2d5761f5b5113cc7e068ec5
2019-06-05 17:03:31 +00:00
David Anderson
b92247368a Replace manual dm ioctls with libdm.
This mostly 1:1 replaces manual ioctls to device-mapper with calls to
libdm. There were two exceptions:

(1) There is a very old table-load-retry loop to workaround issues with
    umount (b/7220345). This loop has been preserved, however, it now
    includes DM_DEV_CREATE as well as DM_TABLE_LOAD.
(2) There was some ancient code to set DM_DEV_GEOMETRY for obb
    dm-devices. This never did anything since geometry must be set after
    loading a table. When setting it before (as vold was doing), the
    subsequent DM_TABLE_LOAD will clear it.

Bug: 132206403
Test: FBE device boots
      FBE device w/ metadata encryption boots
      FDE device boots
      atest StorageManagerIntegrationTest
Change-Id: Ib6db6b47329f093ac7084edaf604eddace8b9ac6
2019-05-13 13:07:12 -07:00
Nick Kralevich
d78fb53378 vold: add android-* to tidy_checks
Bug: 129350825
Test: compiles and boots
Change-Id: If5a6267cc56bfc0ba73602bfa520035197b4fb90
2019-03-29 16:07:58 -07:00
Jiyong Park
8d21c924d7 Don't unmount /storage for early native processes
Motivation:

Early processes launched before the runtime APEX - that hosts the bionic
libs - is activated can't use the bionic libs from the APEX, but from the
system partition (which we call the bootstrap bionic). Other processes
after the APEX activation should use the bionic libs from the APEX.
In order to let both types of processes to access the bionic libs via
the same standard paths /system/lib/{libc|libdl|libm}.so, some mount
namespace magic is used.

To be specific, when the device boots, the init initially bind-mounts
the bootstrap bionic libs to the standard paths with MS_PRIVATE. Early
processes are then executed with their own mount namespaces (via
unshare(CLONE_NEWNS)). After the runtime APEX is activated, init
bind-mounts the bionic libs in the APEX to the same standard paths.
Processes launched thereafter use the bionic libs from the APEX (which
can be updated.)

Important thing is that, since the propagation type of the mount points
(the standard paths) is 'private', the new bind-mount events for the
updated bionic libs should not affect the early processes. Otherwise,
they would experience sudden change of bionic libs at runtime. However,
other mount/unmounts events outside of the private mount points are
still shared across early/late processes as before. This is made possible
because the propagation type of / is 'shared' .

Problem:

vold uses the equality of the mount namespace to filter-out processes
that share the global mount namespace (the namespace of the init). However,
due to the aforementioned change, the early processes are not filtered
out because they have different mount namespaces. As a result,
umount2("/storage/") is executed on them and this unmount event
becomes visible to the global mount namespace (because as mentioned before /
is 'shared').

Solution:

Fiter-out the early processes by skipping a native (non-Java) process
whose UID is < AID_APP. The former condition is because all early
processes are native ones; i.e., zygote is started after the runtime
APEX is activated. The latter condition is to not filter-out native
processes created locally by apps.

Bug: 120266448
Test: m; device boots

Change-Id: I054deedc4af8421854cf35be84e14995523a259a
2019-03-04 16:22:41 +09:00
LongPing Wei
7f3ab95b8d Remove secontext.h, secontext.cpp, hash.h
cryptfs.cpp and MetadataCrypt.cpp can use android::vold::sFsckContext directly.
hash.h is unuseful.

Test: make
Change-Id: I7acdac97d6ed1c9b2a5dc367fcea8aa2942192e8
2019-01-30 16:28:02 +08:00
Michael Wright
ad232d6f84 Remove dependency on libparcelfiledescriptor
This library doesn't actually exist outside of ARC specific branches,
so it will break any ARC product builds.

Test: None
Change-Id: Ic73f470c93ea7d3590dc2b273624988291612344
2018-12-04 12:22:47 +00:00
Treehugger Robot
e7a9d5fbbd Merge "ARC++ swap for AppFuseUtil" 2018-12-01 07:22:19 +00:00
Treehugger Robot
13755d81be Merge "Includes new static libfs_avb" 2018-11-30 06:59:38 +00:00
Bowgo Tsai
549fd0e9ae Includes new static libfs_avb
Bug: 112103720
Test: boot crosshatch_mainline-userdebug
Change-Id: If33f6dbf7a31d57f61c0aca0296f2ff06c8b4a86
2018-11-29 22:17:24 +08:00
Risan
dcbd4fcad2 ARC++ swap for AppFuseUtil
Bug: 110379912
Test: Compiled.
Change-Id: Ib7910ba4df6c60d7125a07b07c62612ed4146ddb
Merged-In: Ib7910ba4df6c60d7125a07b07c62612ed4146ddb
2018-11-14 07:28:36 +00:00
Risan
ac02a4863f Extract AppFuse as a util
Bug: 110379912
Test: testOpenProxyFileDescriptor
Change-Id: I0429a498d7b54682efe9b05815f3470e8745609e
2018-11-14 07:28:06 +00:00
Risan
8c9f33242f StubVolume as first class Volume in Vold
StubVolume is a Volume that is maintained by external party such as the
ChromeOS processes in ARC++.

Bug: 110380403
Test: Tested on ARC++

Change-Id: I3198bd7283d5f60a524da3707dea7385ffec599d
2018-11-08 07:40:43 +00:00
Eric Biggers
a701c458ca vold: rename from "ext4 encryption" to fscrypt
We support file-based encryption on both ext4 and f2fs now, and the
kernel API is the same.  So rename things appropriately in vold:

    e4crypt => fscrypt
    ext4enc => fscrypt
    Ext4Crypt => FsCrypt
    EXT4_* => FS_*
    ext4_encryption_key => fscrypt_key

Additionally, the common functions shared by 'vold' and 'init' are now
in libfscrypt rather than ext4_utils.  So update vold to link to
libfscrypt and include the renamed headers.

Note: there's a chance of 'fscrypt' being confused with the dm-crypt
based encryption code in vold which is called 'cryptfs'.  However,
fscrypt is the name used in the kernel for ext4/f2fs/ubifs encryption,
and it's preferable to use the same name in userspace.

Test: built, booted device with f2fs encryption
Change-Id: I2a46a49f30d9c0b73d6f6fe09e4a4904d4138ff6
2018-10-25 17:12:32 -07:00
Daniel Rosenberg
d399249855 Add checkpointing support for A/B updates
This adds implicit rollback support during A/B style updates.
If you explicitly start a checkpoint with -1, needsRollback will
trigger if the update fails, and should be used if any additional
cleanup is needed that is not covered by A/B itself.

Test: All Checkpoint tests pass
Bug: 111020314
Change-Id: I88b4a1098c6bac4dc1438a54c8a8f59577a6c17b
2018-10-03 15:39:25 -07:00
Mark Salyzyn
c4405e9c17 Protect /mnt/scratch from stale umount on userdebug
On userdebug protect /mnt/scratch. On user builds ensure that
/mnt/scratch is considered a stale mount so it can not be used.
vold runs before ro.debuggable is set, so this must be a compile
time decision.

Minor technical debt cleanup associated with using android::base.

Test: compile
Bug: 109821005
Change-Id: I8efdbedfe850dd24daecf03a37aea61de47edc7d
Merged-In: I8efdbedfe850dd24daecf03a37aea61de47edc7d
2018-10-02 18:00:49 +00:00
Daniel Rosenberg
65f99c9e8b Add support for checkpointing
Checkpointing uses a combination of files on the meta partition
and the checkpoint= fs_mgr flag. Checkpointed partitions will
revert to their starting state on reboot unless checkpoint commit
is called.

Test: Run vdc commands, check file on metadata
Merged-In: Icba16578608a6cbf922472e9d4ae5b8cf5f016c6
Change-Id: Icba16578608a6cbf922472e9d4ae5b8cf5f016c6
2018-09-21 21:54:11 +00:00
Yifan Hong
91a68dfc98 health.filesystem HAL renamed to health.storage
Bug: 111655771
Test: compiles
Change-Id: Ibfcab4d116d735ba2f80a8b0ead314138a7ba23d
Merged-In: Ibfcab4d116d735ba2f80a8b0ead314138a7ba23d
2018-09-19 13:11:50 -07:00
Yifan Hong
024a1241a6 vold uses health filesystem HAL
to runDevGc(). This fixes a Treble violation.
Bug: 111655771
Test: manual

Change-Id: I53d6db6ffa99e43e281f8086442151692c1826ca
2018-09-17 10:06:57 -07:00
Wei Wang
f5b085c13a Add rc file for wait_for_keymaster
Similar to update_verifier, define higher prio and use exec_start for
this binary.

Bug: 79492334
Test: Reboot test
Change-Id: I8d3133cabcc8d4cee8bdead310f2c18d8d07e9dd
2018-05-15 16:15:21 -07:00
Paul Crowley
8f82879901 add wait_for_keymaster
Bug: 79228237
Test: boots with patch
Change-Id: I581bcd4c4dd92c5b7be70eb351ecba20225e1eee
2018-05-09 12:59:18 -07:00
Risan
de787a847a Remove libarcmounter dependency in Vold
Due to rerouting ArcBridge call through System Server, Vold doesn't need
to depend on ArcBridge-related C++ library anymore.

Bug: 64500663
Test: Compiled.
Change-Id: Ic93cbc8cec8496784960d5093fb7b12d43574ced
2018-03-01 11:19:51 +09:00
Risan
ea2d2bb46c Add ArcService AIDL in Vold
This is needed to allow ARC++ Vold to interact with ArcBridgeService
through SystemServer.

Bug: 64500663
Test: Compiled, tested on device + cts in master-arc-dev (ag/3488659)
Change-Id: I3b05b0f456ec99be9163877a2d83cdbf2bb94991
2018-02-23 18:23:35 +00:00
Shawn Willden
353518194e Support Keymaster4
This CL changes vold from using a KM3 device directly to using the KM4
support wrapper from the KM4 support library, which supports both KM3
and KM4 devices (KM0, 1 and 2 devices are still supported as well,
because the default KM3 device is a wrapper that uses them).

In addition, I found myself getting confused about which "Keymaster"
types were locally-defined vold keymaster types and which were from
the KM4 HAL and support library, so I changd the approach to
referencing the latter, so all of them are qualified with the "km::"
namespace reference.

Test: Build & boot
Change-Id: I08ed5425641e7496f8597d5716cb3cd0cbd33a7f
2018-01-25 20:14:42 -07:00
Risan
9929e7db32 [VOLD] Add ARC++ ObbMount shared lib
Unfortunately, static library dependency is not transitive (even if the
dependency is a shared library). So I am wrapping the libarcobbvolume's
dependency as libarcmounter shared library.

Bug: 64500663
Test: Compile
Change-Id: I12be7a9d885c7c1c043185bd134e0148d420c6fd
2018-01-22 11:04:25 +09:00
Jeff Sharkey
37ba125205 Add basic exFAT support.
Several partners have been requesting exFAT support.  Android doesn't
natively support exFAT, but we're at least willing to try mounting an
exFAT filesystem if we detect the Linux kernel supports it, and if
helper binaries are present.

This CL is simple scaffolding, and it provides no actual
implementation of exFAT.

Test: builds, boots
Bug: 67822822
Change-Id: Id4f8ec3967b32de6e1c0e3c4b47fe6e43a6291ab
2018-01-19 11:58:43 +09:00
TreeHugger Robot
24224d10d0 Merge "Break vold dependency on keystore utilities." 2017-12-21 00:52:38 +00:00
Colin Cross
b8efb47a7c Merge "Export AIDL files as a filegroup for framework.jar" 2017-12-02 23:20:42 +00:00
Risan
aedae617fe [Vold] Conditional dependency to ARC++ ObbVolume
Test: Compile

Change-Id: Ic6348f7816b28302d45c05a359548a5d034fde24
Bug: 64500663
2017-11-30 04:24:41 +00:00
Colin Cross
a838863d77 Export AIDL files as a filegroup for framework.jar
Put AIDL files into a filegroup so they can be imported as sources
for framework.jar.

Bug: 69917341
Test: m checkbuild
Change-Id: I22e765ccf88832b1b192b42b2161898d9a6e5b2c
2017-11-29 19:07:22 +00:00
Shawn Willden
f452774030 Break vold dependency on keystore utilities.
This is temporary.  Keystore is in the process of being upgraded to use
the new Keymaster 4.0 HAL, and I want to leave vold alone, using
Keymaster 3.0 for the moment.  This CL just copies relevant bits of
keystore support utilities into vold, so it can stop depending on the
copies from keystore.

After the keystore update is complete, vold will be changed either to
use Keymaster 4.0 or -- more likely -- to use keystore rather than
talking to Keymaster directly.  At that point the files added by this CL
will be deleted.

Test: Device boots and successfully decrypts /data
Change-Id: I73f6d4cc4c5e20d89d7ac37d29d025bf279f9e12
2017-11-09 16:05:38 -07:00
Paul Crowley
b64933a502 Be even more C++. Switch on a warning.
Remove lots of "extern C" and "ifdef __cplusplus" which are no longer
needed now all of vold is C++. Also turn on the cert-err58-cpp warning
we once had to disable.

Bug: 67041047
Test: compiles, boots
Change-Id: I8c6f9dd486f2409e0deed7bb648d959677465b21
2017-10-31 08:40:23 -07:00
Jeff Sharkey
2048a2865c Test that plaintext can't be read from disk for encrypted files.
Bug: 36029169
Test: tested by hand on Taimen
Change-Id: I5717a8630bb2c8d8fe5c343d519c4e59862ecbdf
2017-10-27 15:14:56 -07:00
Paul Crowley
82b41ff837 Convert vold_prepare_subdirs to C++
Minimize overhead in boot by replacing shell script invoked multiple
times with a C++ program invoked once.

Bug: 67901036
Test: create user, run adb shell ls -laZ /data/misc_ce/10; delete user
    and check logs.
Change-Id: I886cfd6505cca1f5b5902f2071e13f48e612214d
2017-10-24 15:26:58 -07:00
Jeff Sharkey
d16dc5089b Move vold to Android.bp.
Test: builds, boots
Bug: 67041047
Change-Id: Ife9118d274fc92d30b38d216f815741a060a04b7
2017-10-23 17:27:49 -06:00