Paul Crowley 0f74bd4811 Detect factory reset and deleteAllKeys
Where metadata encryption is enabled, if there is no metadata encryption
key present and we are generating one anew, then there has been a
factory reset, and this is the first key to be generated. We then call
deleteAllKeys to ensure data from before the factory reset is securely
deleted.

This shouldn't really be necessary; the factory reset call itself
should be doing this. However there are currently three factory reset
paths (settings, recovery, fastboot -w) and it is not clear that all
three are doing this correctly on all devices. Obviously an attacker
can prevent this code from being run by running a version of the OS
that does not include this change; however, if the bootloader is
locked, then keys will be version bound such that they will only work
on locked devices with a sufficiently recent version of the OS. If
every sufficiently recent signed version of the OS includes this change
the attack is defeated.

Bug: 187105270
Test: booted Cuttlefish twice, checked logs
Ignore-AOSP-First: no merge path to this branch from AOSP.
Merged-In: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e
Change-Id: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e
2021-08-11 10:43:58 -07:00
bench [LSC] Add LOCAL_LICENSE_KINDS to system/vold 2021-02-14 10:37:25 -08:00
binder/android/os [vold] pass along sysfs name in setOptions 2021-05-10 16:22:40 -07:00
fs mkfs_f2fs: give the log in kernel 2021-04-15 20:24:04 -07:00
model Revert "Change mounting storage data and obb flag to on by default" 2021-05-14 10:31:12 +00:00
tests Add syncs when creating parent directories 2021-02-16 16:18:53 -08:00
.clang-format vold: use system-clang-format 2019-09-16 12:00:40 -07:00
Android.bp Make vold use keystore2 instead of keymaster 2021-04-08 00:16:01 +00:00
AppFuseUtil.cpp AppFuseUtil: Call ForceUnmount before PrepareDir. 2019-04-09 18:45:32 +01:00
AppFuseUtil.h Extract AppFuse as a util 2018-11-14 07:28:06 +00:00
Benchmark.cpp vold: Use Wakelock::tryGet() 2021-02-22 17:24:51 -05:00
Benchmark.h clang-format many files. 2018-09-18 15:41:22 -07:00
BenchmarkGen.h Abort long-running benchmarks, report progress. 2017-11-07 09:57:12 -07:00
Checkpoint.cpp IdleMaint: use fstab_default from VoldUtil 2020-10-15 16:54:38 -07:00
Checkpoint.h Add an isCheckpointing() binder call for adb remount. 2020-06-10 23:52:25 -07:00
CleanSpec.mk Add an empty CleanSpec.mk 2010-03-08 18:05:25 -08:00
cryptfs.cpp cryptfs: kill processes more quickly in wait_and_unmount() 2021-05-10 20:44:07 -07:00
cryptfs.h Refactor key generation to handle both normal and metadata encryption. 2020-02-14 13:59:06 -08:00
CryptoType.cpp Generalize CryptoType infrastructure 2020-02-14 00:48:27 -08:00
CryptoType.h Generalize CryptoType infrastructure 2020-02-14 00:48:27 -08:00
Devmapper.cpp Replace manual dm ioctls with libdm. 2019-05-13 13:07:12 -07:00
Devmapper.h Replace manual dm ioctls with libdm. 2019-05-13 13:07:12 -07:00
EncryptInplace.cpp EncryptInplace: fsync cryptofd before reporting success 2020-11-04 19:24:19 -08:00
EncryptInplace.h Refactor EncryptInplace.cpp 2020-11-03 14:16:32 -08:00
FileDeviceUtils.cpp Remove excess logging in secdiscard 2019-03-21 19:13:51 +00:00
FileDeviceUtils.h clang-format many files. 2018-09-18 15:41:22 -07:00
FsCrypt.cpp vold: add getUnlockedUsers() method to Binder interface 2021-04-13 10:53:00 -07:00
FsCrypt.h vold: add getUnlockedUsers() method to Binder interface 2021-04-13 10:53:00 -07:00
IdleMaint.cpp vold: Use Wakelock::tryGet() 2021-02-22 17:24:51 -05:00
IdleMaint.h Add functions to handle idle maintenance 2017-11-14 15:12:30 -08:00
KeyBuffer.cpp clang-format many files. 2018-09-18 15:41:22 -07:00
KeyBuffer.h clang-format many files. 2018-09-18 15:41:22 -07:00
Keymaster.cpp Detect factory reset and deleteAllKeys 2021-08-11 10:43:58 -07:00
Keymaster.h Detect factory reset and deleteAllKeys 2021-08-11 10:43:58 -07:00
KeyStorage.cpp Fix bug with deferred commits for key upgrades in temporary directories 2021-05-13 11:21:23 -07:00
KeyStorage.h Remove unused constants and cleanup KeyStorage.cpp 2021-05-12 13:05:35 -07:00
KeyUtil.cpp KeyStorage: improve logging for key generation 2021-03-15 16:47:55 -07:00
KeyUtil.h KeyStorage: rework key upgrade handling 2020-11-05 19:58:26 -08:00
Loop.cpp Silence useless LOOP_GET_STATUS64 warnings 2020-10-15 15:26:27 -07:00
Loop.h clang-format many files. 2018-09-18 15:41:22 -07:00
main.cpp Acknowledge the 'nofail' fs_mgr flag and skip the expected failure. 2020-05-06 16:45:23 +00:00
MetadataCrypt.cpp Detect factory reset and deleteAllKeys 2021-08-11 10:43:58 -07:00
MetadataCrypt.h Let vold format the encrypted partition 2020-12-22 11:28:50 -08:00
MoveStorage.cpp vold: Use Wakelock::tryGet() 2021-02-22 17:24:51 -05:00
MoveStorage.h clang-format many files. 2018-09-18 15:41:22 -07:00
NetlinkHandler.cpp vold: remove unused stop() methods 2020-09-23 10:02:25 -07:00
NetlinkHandler.h vold: remove unused stop() methods 2020-09-23 10:02:25 -07:00
NetlinkManager.cpp vold: remove unused stop() methods 2020-09-23 10:02:25 -07:00
NetlinkManager.h vold: remove unused stop() methods 2020-09-23 10:02:25 -07:00
OWNERS OWNERS: add alan and jeff, alphabetize 2020-12-10 13:08:28 +01:00
PREUPLOAD.cfg vold should be fully developed in AOSP. 2018-09-11 12:08:43 -06:00
Process.cpp Show names of processes killed by KillProcessesWithOpenFiles() 2021-05-10 17:34:11 +00:00
Process.h Only kill apps with storage app data isolation enabled 2021-04-30 13:58:07 +00:00
ScryptParameters.cpp clang-format many files. 2018-09-18 15:41:22 -07:00
ScryptParameters.h clang-format many files. 2018-09-18 15:41:22 -07:00
secdiscard.cpp secdiscard: use F2FS_IOC_SEC_TRIM_FILE for secure discard 2020-09-14 08:43:15 +09:00
sehandle.h clang-format many files. 2018-09-18 15:41:22 -07:00
TEST_MAPPING Add CtsScopedStorageDeviceOnlyTest to vold presubmit 2020-11-30 11:09:35 +00:00
Utils.cpp Merge "Only kill apps with storage app data isolation enabled" 2021-05-05 14:16:00 +00:00
Utils.h Only kill apps with storage app data isolation enabled 2021-04-30 13:58:07 +00:00
vdc.cpp Let vold format the encrypted partition 2020-12-22 11:28:50 -08:00
vdc.rc Remove all references to FDE enable wipe 2017-12-22 11:17:15 -08:00
vold.rc vold: Grant root group 2018-08-08 17:08:02 -07:00
vold_prepare_subdirs.cpp Remove ro.vold.level_from_user. 2021-01-05 09:49:24 +00:00
VoldNativeService.cpp Ignore too-early earlyBootEnded on FDE devices 2021-06-25 12:44:08 -07:00
VoldNativeService.h [vold] pass along sysfs name in setOptions 2021-05-10 16:22:40 -07:00
VoldNativeServiceValidation.cpp Additional operation check when enabling read logs. 2020-04-03 18:42:04 -07:00
VoldNativeServiceValidation.h [vold] Add argument verification to IncFS methods 2020-03-25 14:33:24 -07:00
VoldUtil.cpp Move over to the C++ Fstab class 2019-01-31 12:34:39 -08:00
VoldUtil.h Remove unused code in VoldUtil.h 2020-02-18 10:48:16 -08:00
VolumeManager.cpp Remove unused mount modes and re-number the modes for consistency 2021-02-24 14:52:37 +00:00
VolumeManager.h Add a method in vold to unmount app data and obb dir for testing 2021-01-18 13:47:44 +00:00
wait_for_keymaster.cpp add wait_for_keymaster 2018-05-09 12:59:18 -07:00
wait_for_keymaster.rc Add rc file for wait_for_keymaster 2018-05-15 16:15:21 -07:00