| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(chery-picked from commit 806d10be2336f32cdca16c2540cbf3d548f2fec7)
Move all key management into vold
Reuse vold's existing key management through the crypto footer
to manage the device wide keys.
Use ro.crypto.type flag to determine crypto type, which prevents
any issues when running in block encrypted mode, as well as speeding
up boot in block or no encryption.
This is one of four changes to enable this functionality:
https://android-review.googlesource.com/#/c/148586/
https://android-review.googlesource.com/#/c/148604/
https://android-review.googlesource.com/#/c/148606/
https://android-review.googlesource.com/#/c/148607/
Bug: 18151196
Change-Id: I6a8a18f43ae837e330e2785bd26c2c306ae1816b
|
| |
|
|
|
|
| |
Bug: http://b/20501816
Change-Id: I1839b48ee4f891b8431ecb809e37a4566a5b3e50
(cherry picked from commit 47b0134ec2b5e8c8b5b5671cd4a3e41261275532)
|
| |\
| |
| |
| |
| |
| |
| | |
SELinux boot failures."
* commit '48ba758782bed8c50f450fd77c4b3284c3fa7316':
Improve bad error reporting seen in shamu SELinux boot failures.
|
| | |
| |
| |
| |
| |
| | |
Explain why mount failed, and explicitly say that the umount fixed it.
Change-Id: I13b0927a36517f2fc9f9580945ba6ebefc4882df
|
| |\ \
| |/
|/|
| | |
Change-Id: I24c60a2747931917a3ea09b953905ce0f4145280
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Move fastboot's format logic into fs_mgr, to consolidate the knowledge
about how to do this (and when to wipe metadata).
Try to format these formattable paritions if they are wiped.
If formatting fails, we will fall out to let recovery mode handle it.
Bug: 20082763
Change-Id: I397cc197550e78d932e8a154fd234695c46dbe7b
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fix build break caused by original change
This reverts commit 84b0bab58fcc7f225e9a17a15c531b0c2fc509c5.
Change-Id: I99fbd7c3d1ed92db1f546033c8493bb71a327924
|
| |\ \
| | |
| | |
| | |
| | | |
* commit 'fbb3f8ca499b04c82437155f87c8666cad607c6b':
Set underlying block device RO when enabling verity
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, when verity is set up on a block device, the underlying
device is still accessible directly. Change the existing function
fs_set_blk_ro visible to other fs_mgr modules, change the behavior
to match the comment above the function definition, and call it to
disable write access to the block device when setting up verity.
Bug: 18609347
Change-Id: I7884175df15f9161174788d74d20a08e4cd472ca
|
| |\ \ \
| | |/
| |/|
| | |
| | | |
* commit '317b4024a2a46b8c57abfa08f2a649df13572bd3':
Revert "Make encryption configurable"
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This reverts commit bda6272446454886339841a62daaa1b66c07ad60.
The original fix seems to have led to boot failures in QA. Rather than
risk shipping, revert the change. Bug 18764230 reopened.
Requires change
https://googleplex-android-review.git.corp.google.com/#/c/629764/
Bug: 19278390
Bug: 19199624
Change-Id: I8b6ab585666f2b0f585ffb2a5f61ac2e3462e06e
|
| |\ \ \
| | |/
| |/|
| | |
| | | |
* commit '17b5b3520094de679c9e43a872c02d15758c83b8':
fs_mgr: error check umount calls / add retry logic
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Don't silently ignore umount errors. At a minimum, log them.
Add strerror(errno) to another umount call, to make sure we get
some actionable data.
check_fs: try 5 times umounting the filesystem. It appears that
the umount is failing, perhaps because some service is opening
the file on the device or other error. Try unmounting it multiple
times in case it's a transient problem and we can recover.
Bug: 19199624
Bug: 19156134
Change-Id: I7213eb52d55116fb2419a36494d26d5e159981a7
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Delay mounting encryptable but unencrypted volumes until we can
check the ro.vold.forceencrypt flag, then optionally encrypt.
Requires matching vold change from
https://googleplex-android-review.git.corp.google.com/#/c/615309/
Bug: 18764230
Change-Id: If22008be8de6a4f3216b349f81ace49be1730314
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This allows a vendor to force encryption on devices via a vendor
partition flag:
ro.vold.forceencryption 1
Bug: 18764230
Change-Id: Id0049ce64e34e4f6f96e593aadd70c277ac131c8
|
| |\ \ \
| | |/
| |/|
| | |
| | | |
* commit 'bda6272446454886339841a62daaa1b66c07ad60':
Make encryption configurable
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Delay mounting encryptable but unencrypted volumes until we can
check the ro.vold.forceencrypt flag, then optionally encrypt.
Requires matching vold change from
https://googleplex-android-review.git.corp.google.com/#/c/615309/
Bug: 18764230
Change-Id: If22008be8de6a4f3216b349f81ace49be1730314
|
| |\ \ \
| | |/
| |/|
| | |
| | | |
* commit '4e0bdd1034ffcf55f4ebcbd547cf4aad59c05f03':
fs_mgr: Support filesystem labels in fstab
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When mounting fstab entries it is practical to be able to specify
for example LABEL=data instead of a specific block device.
This is particularly important for the new Android Emulator code base,
which uses virtio block devices for the various partitions
(system,data,cache), because there is no defined ordering between the
way the filesystems are specified to the emulator and how they are
enumerated by the android kernel as /dev/vdX.
Change-Id: I7aef95f12e8f7b02ac2e33804ba7897fdcb9ad7f
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* commit '4083ed7dff6e1dd8e20bec04f9451061951394f5':
Revert "fs_mgr: Support filesystem labels in fstab"
|
| | |\ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit 69407ccb02a6b1b63f96657cd40a07c48e648cea.
Change-Id: I537a3b4257b7bc2a69f1f4d62b4e18e91f2dc713
|
| |\ \ \ \
| |/ / /
| | | /
| |_|/
|/| | |
* commit 'f9e2339553f70aebdd170e96ab9332b28c3851b4':
fs_mgr: Support filesystem labels in fstab
|
| | |\ \
| | |/ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When mounting fstab entries it is practical to be able to specify
for example LABEL=data instead of a specific block device.
This is particularly important for the new Android Emulator code base,
which uses virtio block devices for the various partitions
(system,data,cache), because there is no defined ordering between the
way the filesystems are specified to the emulator and how they are
enumerated by the android kernel as /dev/vdX.
Change-Id: I12c3db0ba6a515dc8e917e0349afd257888d3aef
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 152d2d4234ba89e0c20c4af13e291b6049a7bc33.
Fixed build error, and also fixed memory leak spotted from warning.
(cherry-pick of bbb36319119edde9377fb80015235893c30d2bc9.)
Bug: 17691572
Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This allows a vendor to force encryption on devices via a vendor
partition flag:
ro.vold.forceencryption 1
Bug: 18764230
Change-Id: Id0049ce64e34e4f6f96e593aadd70c277ac131c8
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The newer fsck.f2fs (1.4.0++) has better fix support, so invoke it.
Requires http://ag/583949 f2fs-tools update.
Bug: 17640053
Bug: 18292088
Change-Id: I42370d92b232e0bdbf28cccf7035a15dbffeb268
Signed-off-by: JP Abgrall <jpa@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 152d2d4234ba89e0c20c4af13e291b6049a7bc33.
Fixed build error, and also fixed memory leak spotted from warning.
Bug: 17691572
Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Build is broken.
system/core/fs_mgr/fs_mgr_verity.c: In function 'fs_mgr_setup_verity':
system/core/fs_mgr/fs_mgr_verity.c:103:20: error: 'verity_table_signature' may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (!RSA_verify(key,
^
system/core/fs_mgr/fs_mgr_verity.c:374:11: note: 'verity_table_signature' was declared here
char *verity_table_signature;
^
cc1: all warnings being treated as errors
make: *** [out/target/product/minnow/obj/STATIC_LIBRARIES/libfs_mgr_intermediates/fs_mgr_verity.o] Error 1
make: *** Waiting for unfinished jobs....
This reverts commit d4cea0bc16d1ad96cc6d6177232d7b339785460c.
Change-Id: I6862cc79ef9d944a2472b6fb2e46dae514cea8ce
|
| |/
|
|
|
|
| |
Bug: 17691572
Change-Id: I58f588f318e7952d06a41325337d946d7c007e31
|
| |
|
|
|
| |
Bug: 17358530
Change-Id: I4cd7403c0b7c4f878d6afa5199f998e6f614adb9
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If the encryptable partition is wiped (4KB worth of 0 or 0xff),
then reboot into recovery to format /data+/cache
This is while waiting for the Mac OS support to format f2fs.
The flashstation running on Mac OS will currently just erase userdata
and not format it with f2fs.
Bug: 15720406
Bug: 15747366
Change-Id: Ib7cca3e1701483a09573457a835750f34da71ee0
|
| |
|
|
|
|
|
|
|
|
|
| |
Move the code that attempts to mount alternative fstab entries
into its own function.
Clarify return codes.
Suggest wipe via recovery in error messages.
Bug: 15747366
Change-Id: I3634477cd4d1d73f974f3e906c53285f0d9e0eac
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Without this, the wrong mount point is flagged as being mounted.
Which leads to:
<6>[ 3.278040] fs_mgr: __mount(source=/dev/block/platform/msm_sdcc.1/by-name/userdata,target=/data,type=ext4)=-1
<7>[ 3.278834] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
<6>[ 3.278925] fs_mgr: fs_mgr_mount_all(): skipping fstab dup mountpoint=/persist rec[3].fs_type=ext4 already mounted.
Bug: 15925030
Bug: 15976144
Change-Id: I0bc617f11dfc97c32bb2d0e52b94ec19282568eb
|
| |
|
|
|
|
|
|
| |
Moving the vendor symlink down was causing issues with some devices.
Moved it back up, and adjusted mount to remove symlinks if necessary.
Change-Id: I77126d77cfbef32250012bea3960c99b55db4cbb
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When looking for partitions to encrypt, it would setup a tmpfs
onto the mount point. But with multi-type mount points it would
repeat the mount.
This would lead to having and extra tmpfs mounted on /data, as
only one would get removed.
Change-Id: I28f2c2c4955906f1172342ea07e0795d6880986b
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
|
|
|
|
|
|
| |
Modified fastboot to flash vendor.img as well. Moved symlink
for /vendor to occur after mounting partitions. Changed mount
to also create the mount point.
Change-Id: I78e1ba24e6bb8b4af96a67ee0569af579439e682
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do the recovery+wipe if
- the mount fails and
- the partition is forceencrypt
- the partition seems wiped (== the 1st 4KB are all 0x00 or 0xFF).
This is a hack until we get the flashstation up and running with f2fs.
Bug: 15731906
The alternative would be for the user to manually enter
recovery and wipe his device.
Bug: 15747366
Change-Id: Ic8f3ef59f3d7d01d5d93d8e4c01502080f422157
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previous attempt was broken.
It would incorrectly be affected by mount failures.
This changes allows an fstab to contain multiple lines for a given
mount point.
The lines sharing a mount MUST be after each other.
The 1st matching line is the primary when it comes to mounting
and look ups for wiping.
Mounting based on a mount_point will attempt each dup in turn
until one succeeds.
The reported error will be that of the last failed attempt.
This is to allow quick experimentation between different FSes.
Bug: 15702546
Change-Id: I378d68ad13eb0098ec1ccb8dcf108b82acbe9ebb
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
|
|
|
|
|
|
|
| |
This is apparently breaking N5, so reverting for now.
This reverts commit a794f86522f9125f2547c94ebc7c74d1e7ace013.
Bug: 15709256
Change-Id: I37a5160eead17e153e2c83fa94632ffa5d8553c2
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes allows an fstab to contain multiple lines for a given
mount point.
The lines sharing a mount MUST be after each other.
The 1st matching line is the primary when it comes to mounting
and look ups for wiping.
Mounting based on a mount_point will attempt each dup in turn
until one succeeds.
This is to allow quick experimentations between different FSes.
It does not deal with checkfs yet, because the underlying invocation
of fs-type appropriate fsck does not handle the error code.
Only the primary FS (1st in the dups) is checked.
Change-Id: I8329737454b53e2681436fe85cd00a9bc522676b
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Enables fsck.f2fs for partitions with type F2FS.
- Adds support for f2fs as format fs-type.
- f2fs is optional and support is dlopen()d when needed.
Needs changes in
system/extras/f2fs_utils
external/f2fs-tools
Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870
Signed-off-by: JP Abgrall <jpa@google.com>
|
| |
|
|
|
|
|
|
|
| |
forceencrypt= will encrypt the drive at boot if it is not encrypted. This change
will not have an impact until we set this flag in appropirate fstabs.
Bug: 11985952
Change-Id: I6c65eda7f109e4936aa160da50f871703aefb351
|
| |
|
|
|
|
|
|
|
|
| |
This checks ro.debuggable to determine whether a device is in the
debuggable state or not, disabling verification if it is.
Eventually we'd like to narrow this down to only devices which
need to disable it, but we aren't there yet.
Change-Id: I06a329fe5449deab6bae595877dbb1f200850241
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Modify fs_mgr to unmount encryptable drives after test mounting them and
then trigger an auto-encrypt via the init script
Needs matching vold changes from
https://googleplex-android-review.googlesource.com/#/c/414200/
Feature is limited to list of serial numbers with this change
Bug: 11985952
Change-Id: I84f85a258b6a7e9809467c9149249302e203c41b
|
| |
|
|
|
|
|
|
|
|
| |
Since 38afe5f4ba5fd834a221a636e63d311fa5a17c8a
fs_mgr_mount_all() will try to behave more like "mount -a"
So prevent inaccessible or busy (already mounted) encryptable filesystems
from mounting tmpfs in their mount points.
Change-Id: I32e5b3e26f2138d1e4d9ef8ba01c1466f8051d39
|
| |
|
|
| |
Change-Id: I0d58dd17d979b749a9ac03567cf2d395f9782f10
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These images do not have GPL-ed binaries like /system/bin/e2fsck so
avoid running the program when we detect that we're running inside
one of them.
Note that this does not affect other emulator-based build products
(e..g full-eng instead of sdk-eng), which do have the binaries.
BUG=13057123
Change-Id: Ia42f1d02a3845fbf4b2f9d95818f35d760711a12
|
| |
|
|
|
|
|
|
| |
Move fstab parsing into fs_mgr_fstab.c so that it compiles into a
separate compilation unit. uncrypt links against it but doesn't
need to pull in the rest of the dependencies on fs_mgr.c.
Change-Id: I6bffe1cd42720151533e958028259d1931aaa4bf
|
