platform_system_vold/model/ObbVolume.cpp
Eric Biggers 7e79a43a72 Remove broken code for mounting encrypted OBB files
Mounting encrypted OBB files has never worked reliably across devices,
partly due to its reliance on Twofish encryption support in the kernel.
This is because Twofish support (CONFIG_CRYPTO_TWOFISH) has never been
required or even recommended for Android.  It has never been enabled in
GKI, but even before GKI it wasn't required or recommended.  Moreover,
this is now the only Android feature that still uses dm-crypt
(CONFIG_DM_CRYPT), and some devices don't have that enabled either.

Therefore, it appears that this feature is unused.  That's perhaps not
surprising, considering that the documentation for OBBs
(https://developer.android.com/google/play/expansion-files) says that
they are deprecated, and also it explains OBBs as being app files that
are opaque to the platform; the ability of the platform to mount OBBs
that happen to be in a particular format is never mentioned.  That means
that OBB mounting is probably rarely used even with unencrypted OBBs.
Finally, the usefulness of OBBs having their own encryption layer (in
addition to what the platform already provides via FBE) is not clear
either, especially with such an unusual choice of cipher.

To avoid the confusion that is being caused by having the broken code
for mounting encrypted OBBs still sitting around, let's remove it.

Test: atest StorageManagerTest # on Cuttlefish
Test: atest StorageManagerIntegrationTest # on Cuttlefish
Bug: 216475849
Change-Id: Iaef32cce90f95ea745ba2b143f89e66f533f3479
2022-03-01 21:19:18 +00:00

95 lines
2.4 KiB
C++

/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "ObbVolume.h"
#include "Loop.h"
#include "Utils.h"
#include "VoldUtil.h"
#include "fs/Vfat.h"
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
#include <cutils/fs.h>
#include <private/android_filesystem_config.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <sys/types.h>
#include <sys/wait.h>
using android::base::StringPrintf;
namespace android {
namespace vold {
ObbVolume::ObbVolume(int id, const std::string& sourcePath, gid_t ownerGid)
: VolumeBase(Type::kObb) {
setId(StringPrintf("obb:%d", id));
mSourcePath = sourcePath;
mOwnerGid = ownerGid;
}
ObbVolume::~ObbVolume() {}
status_t ObbVolume::doCreate() {
if (Loop::create(mSourcePath, mLoopPath)) {
PLOG(ERROR) << getId() << " failed to create loop";
return -1;
}
return OK;
}
status_t ObbVolume::doDestroy() {
if (!mLoopPath.empty() && Loop::destroyByDevice(mLoopPath.c_str())) {
PLOG(WARNING) << getId() << " failed to destroy loop";
}
mLoopPath.clear();
return OK;
}
status_t ObbVolume::doMount() {
auto path = StringPrintf("/mnt/obb/%s", getId().c_str());
setPath(path);
if (fs_prepare_dir(path.c_str(), 0700, AID_ROOT, AID_ROOT)) {
PLOG(ERROR) << getId() << " failed to create mount point";
return -1;
}
// clang-format off
if (android::vold::vfat::Mount(mLoopPath, path, true, false, true,
0, mOwnerGid, 0227, false)) {
// clang-format on
PLOG(ERROR) << getId() << " failed to mount";
return -1;
}
return OK;
}
status_t ObbVolume::doUnmount() {
auto path = getPath();
KillProcessesUsingPath(path);
ForceUnmount(path);
rmdir(path.c_str());
return OK;
}
} // namespace vold
} // namespace android