Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8879f272 authored by Eric Biggers's avatar Eric Biggers Committed by Gerrit Code Review
Browse files

Merge changes from topic "remove-fde"

* changes:
  init.rc: remove handling of vold.decrypt property changes
  fs_mgr: remove FDE-specific FS_MGR_MNTALL codes
  init: remove FDE workaround from load_persist_props
  init: stop handling FDE-specific fs_mgr return codes
  fs_mgr: remove crypt_footer argument from fs_mgr_do_format()
  fs_mgr: remove FDE fields from FstabEntry
  fs_mgr: remove code that handles FDE
  fs_mgr: stop allowing the FDE fstab options
parents 57e19ac4 335cd1f4
Loading
Loading
Loading
Loading
+7 −74
Original line number Diff line number Diff line
@@ -75,9 +75,6 @@
#include "blockdev.h"
#include "fs_mgr_priv.h"

#define KEY_LOC_PROP   "ro.crypto.keyfile.userdata"
#define KEY_IN_FOOTER  "footer"

#define E2FSCK_BIN      "/system/bin/e2fsck"
#define F2FS_FSCK_BIN   "/system/bin/fsck.f2fs"
#define MKSWAP_BIN      "/system/bin/mkswap"
@@ -907,7 +904,7 @@ static bool mount_with_alternatives(const Fstab& fstab, int start_idx, int* end_
                   << "(): skipping mount due to invalid magic, mountpoint=" << fstab[i].mount_point
                   << " blk_dev=" << realpath(fstab[i].blk_device) << " rec[" << i
                   << "].fs_type=" << fstab[i].fs_type;
            mount_errno = EINVAL;  // continue bootup for FDE
            mount_errno = EINVAL;  // continue bootup for metadata encryption
            continue;
        }

@@ -1005,50 +1002,22 @@ static bool TranslateExtLabels(FstabEntry* entry) {
    return false;
}

static bool needs_block_encryption(const FstabEntry& entry) {
    if (android::base::GetBoolProperty("ro.vold.forceencryption", false) && entry.is_encryptable())
        return true;
    if (entry.fs_mgr_flags.force_crypt) return true;
    if (entry.fs_mgr_flags.crypt) {
        // Check for existence of convert_fde breadcrumb file.
        auto convert_fde_name = entry.mount_point + "/misc/vold/convert_fde";
        if (access(convert_fde_name.c_str(), F_OK) == 0) return true;
    }
    if (entry.fs_mgr_flags.force_fde_or_fbe) {
        // Check for absence of convert_fbe breadcrumb file.
        auto convert_fbe_name = entry.mount_point + "/convert_fbe";
        if (access(convert_fbe_name.c_str(), F_OK) != 0) return true;
    }
    return false;
}

static bool should_use_metadata_encryption(const FstabEntry& entry) {
    return !entry.metadata_key_dir.empty() &&
           (entry.fs_mgr_flags.file_encryption || entry.fs_mgr_flags.force_fde_or_fbe);
    return !entry.metadata_key_dir.empty() && entry.fs_mgr_flags.file_encryption;
}

// Check to see if a mountable volume has encryption requirements
static int handle_encryptable(const FstabEntry& entry) {
    // If this is block encryptable, need to trigger encryption.
    if (needs_block_encryption(entry)) {
        if (umount(entry.mount_point.c_str()) == 0) {
            return FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;
        } else {
            PWARNING << "Could not umount " << entry.mount_point << " - allow continue unencrypted";
            return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
        }
    } else if (should_use_metadata_encryption(entry)) {
    if (should_use_metadata_encryption(entry)) {
        if (umount(entry.mount_point.c_str()) == 0) {
            return FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION;
        } else {
            PERROR << "Could not umount " << entry.mount_point << " - fail since can't encrypt";
            return FS_MGR_MNTALL_FAIL;
        }
    } else if (entry.fs_mgr_flags.file_encryption || entry.fs_mgr_flags.force_fde_or_fbe) {
    } else if (entry.fs_mgr_flags.file_encryption) {
        LINFO << entry.mount_point << " is file encrypted";
        return FS_MGR_MNTALL_DEV_FILE_ENCRYPTED;
    } else if (entry.is_encryptable()) {
        return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
    } else {
        return FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE;
    }
@@ -1056,9 +1025,6 @@ static int handle_encryptable(const FstabEntry& entry) {

static void set_type_property(int status) {
    switch (status) {
        case FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED:
            SetProperty("ro.crypto.type", "block");
            break;
        case FS_MGR_MNTALL_DEV_FILE_ENCRYPTED:
        case FS_MGR_MNTALL_DEV_IS_METADATA_ENCRYPTED:
        case FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION:
@@ -1532,7 +1498,6 @@ MountAllResult fs_mgr_mount_all(Fstab* fstab, int mount_mode) {

        // Mounting failed, understand why and retry.
        wiped = partition_wiped(current_entry.blk_device.c_str());
        bool crypt_footer = false;
        if (mount_errno != EBUSY && mount_errno != EACCES &&
            current_entry.fs_mgr_flags.formattable && wiped) {
            // current_entry and attempted_entry point at the same partition, but sometimes
@@ -1544,19 +1509,6 @@ MountAllResult fs_mgr_mount_all(Fstab* fstab, int mount_mode) {

            checkpoint_manager.Revert(&current_entry);

            if (current_entry.is_encryptable() && current_entry.key_loc != KEY_IN_FOOTER) {
                unique_fd fd(TEMP_FAILURE_RETRY(
                        open(current_entry.key_loc.c_str(), O_WRONLY | O_CLOEXEC)));
                if (fd >= 0) {
                    LINFO << __FUNCTION__ << "(): also wipe " << current_entry.key_loc;
                    wipe_block_device(fd, get_file_size(fd));
                } else {
                    PERROR << __FUNCTION__ << "(): " << current_entry.key_loc << " wouldn't open";
                }
            } else if (current_entry.is_encryptable() && current_entry.key_loc == KEY_IN_FOOTER) {
                crypt_footer = true;
            }

            // EncryptInplace will be used when vdc gives an error or needs to format partitions
            // other than /data
            if (should_use_metadata_encryption(current_entry) &&
@@ -1577,7 +1529,7 @@ MountAllResult fs_mgr_mount_all(Fstab* fstab, int mount_mode) {
                }
            }

            if (fs_mgr_do_format(current_entry, crypt_footer) == 0) {
            if (fs_mgr_do_format(current_entry) == 0) {
                // Let's replay the mount actions.
                i = top_idx - 1;
                continue;
@@ -1590,26 +1542,7 @@ MountAllResult fs_mgr_mount_all(Fstab* fstab, int mount_mode) {
        }

        // mount(2) returned an error, handle the encryptable/formattable case.
        if (mount_errno != EBUSY && mount_errno != EACCES && attempted_entry.is_encryptable()) {
            if (wiped) {
                LERROR << __FUNCTION__ << "(): " << attempted_entry.blk_device << " is wiped and "
                       << attempted_entry.mount_point << " " << attempted_entry.fs_type
                       << " is encryptable. Suggest recovery...";
                encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
                continue;
            } else {
                // Need to mount a tmpfs at this mountpoint for now, and set
                // properties that vold will query later for decrypting
                LERROR << __FUNCTION__ << "(): possibly an encryptable blkdev "
                       << attempted_entry.blk_device << " for mount " << attempted_entry.mount_point
                       << " type " << attempted_entry.fs_type;
                if (fs_mgr_do_tmpfs_mount(attempted_entry.mount_point.c_str()) < 0) {
                    ++error_count;
                    continue;
                }
            }
            encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
        } else if (mount_errno != EBUSY && mount_errno != EACCES &&
        if (mount_errno != EBUSY && mount_errno != EACCES &&
            should_use_metadata_encryption(attempted_entry)) {
            if (!call_vdc({"cryptfs", "mountFstab", attempted_entry.blk_device,
                           attempted_entry.mount_point},
+7 −14
Original line number Diff line number Diff line
@@ -34,7 +34,6 @@
#include <selinux/selinux.h>

#include "fs_mgr_priv.h"
#include "cryptfs.h"

using android::base::unique_fd;

@@ -58,7 +57,7 @@ static int get_dev_sz(const std::string& fs_blkdev, uint64_t* dev_sz) {
}

static int format_ext4(const std::string& fs_blkdev, const std::string& fs_mnt_point,
                       bool crypt_footer, bool needs_projid, bool needs_metadata_csum) {
                       bool needs_projid, bool needs_metadata_csum) {
    uint64_t dev_sz;
    int rc = 0;

@@ -68,9 +67,6 @@ static int format_ext4(const std::string& fs_blkdev, const std::string& fs_mnt_p
    }

    /* Format the partition using the calculated length */
    if (crypt_footer) {
        dev_sz -= CRYPT_FOOTER_OFFSET;
    }

    std::string size_str = std::to_string(dev_sz / 4096);

@@ -120,8 +116,8 @@ static int format_ext4(const std::string& fs_blkdev, const std::string& fs_mnt_p
    return rc;
}

static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool crypt_footer,
                       bool needs_projid, bool needs_casefold, bool fs_compress) {
static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool needs_projid,
                       bool needs_casefold, bool fs_compress) {
    if (!dev_sz) {
        int rc = get_dev_sz(fs_blkdev, &dev_sz);
        if (rc) {
@@ -130,9 +126,6 @@ static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool crypt
    }

    /* Format the partition using the calculated length */
    if (crypt_footer) {
        dev_sz -= CRYPT_FOOTER_OFFSET;
    }

    std::string size_str = std::to_string(dev_sz / 4096);

@@ -159,7 +152,7 @@ static int format_f2fs(const std::string& fs_blkdev, uint64_t dev_sz, bool crypt
    return logwrap_fork_execvp(args.size(), args.data(), nullptr, false, LOG_KLOG, false, nullptr);
}

int fs_mgr_do_format(const FstabEntry& entry, bool crypt_footer) {
int fs_mgr_do_format(const FstabEntry& entry) {
    LERROR << __FUNCTION__ << ": Format " << entry.blk_device << " as '" << entry.fs_type << "'";

    bool needs_casefold = false;
@@ -171,10 +164,10 @@ int fs_mgr_do_format(const FstabEntry& entry, bool crypt_footer) {
    }

    if (entry.fs_type == "f2fs") {
        return format_f2fs(entry.blk_device, entry.length, crypt_footer, needs_projid,
                           needs_casefold, entry.fs_mgr_flags.fs_compress);
        return format_f2fs(entry.blk_device, entry.length, needs_projid, needs_casefold,
                           entry.fs_mgr_flags.fs_compress);
    } else if (entry.fs_type == "ext4") {
        return format_ext4(entry.blk_device, entry.mount_point, crypt_footer, needs_projid,
        return format_ext4(entry.blk_device, entry.mount_point, needs_projid,
                           entry.fs_mgr_flags.ext_meta_csum);
    } else {
        LERROR << "File system type '" << entry.fs_type << "' is not supported";
+25 −15
Original line number Diff line number Diff line
@@ -146,7 +146,7 @@ void ParseMountFlags(const std::string& flags, FstabEntry* entry) {
    entry->fs_options = std::move(fs_options);
}

void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
bool ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
    for (const auto& flag : Split(flags, ",")) {
        if (flag.empty() || flag == "defaults") continue;
        std::string arg;
@@ -188,10 +188,20 @@ void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
#undef CheckFlag

        // Then handle flags that take an argument.
        if (StartsWith(flag, "encryptable=")) {
            // The encryptable flag is followed by an = and the  location of the keys.
        if (flag == "encryptable=userdata") {
            // The "encryptable" flag identifies adoptable storage volumes.  The
            // argument to this flag must be "userdata".
            //
            // Historical note: this flag was originally meant just for /data,
            // to indicate that FDE (full disk encryption) can be enabled.
            // Unfortunately, it was also overloaded to identify adoptable
            // storage volumes.  Today, FDE is no longer supported, leaving only
            // the adoptable storage volume meaning for this flag.
            entry->fs_mgr_flags.crypt = true;
            entry->key_loc = arg;
        } else if (StartsWith(flag, "encryptable=") || StartsWith(flag, "forceencrypt=") ||
                   StartsWith(flag, "forcefdeorfbe=")) {
            LERROR << "flag no longer supported: " << flag;
            return false;
        } else if (StartsWith(flag, "voldmanaged=")) {
            // The voldmanaged flag is followed by an = and the label, a colon and the partition
            // number or the word "auto", e.g. voldmanaged=sdcard:3
@@ -235,18 +245,8 @@ void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
                    LWARNING << "Warning: zramsize= flag malformed: " << arg;
                }
            }
        } else if (StartsWith(flag, "forceencrypt=")) {
            // The forceencrypt flag is followed by an = and the location of the keys.
            entry->fs_mgr_flags.force_crypt = true;
            entry->key_loc = arg;
        } else if (StartsWith(flag, "fileencryption=")) {
            ParseFileEncryption(arg, entry);
        } else if (StartsWith(flag, "forcefdeorfbe=")) {
            // The forcefdeorfbe flag is followed by an = and the location of the keys.  Get it and
            // return it.
            entry->fs_mgr_flags.force_fde_or_fbe = true;
            entry->key_loc = arg;
            entry->encryption_options = "aes-256-xts:aes-256-cts";
        } else if (StartsWith(flag, "max_comp_streams=")) {
            if (!ParseInt(arg, &entry->max_comp_streams)) {
                LWARNING << "Warning: max_comp_streams= flag malformed: " << arg;
@@ -306,6 +306,13 @@ void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
            LWARNING << "Warning: unknown flag: " << flag;
        }
    }

    if (entry->fs_mgr_flags.crypt && !entry->fs_mgr_flags.vold_managed) {
        LERROR << "FDE is no longer supported; 'encryptable' can only be used for adoptable "
                  "storage";
        return false;
    }
    return true;
}

std::string InitAndroidDtDir() {
@@ -576,7 +583,10 @@ bool ReadFstabFromFp(FILE* fstab_file, bool proc_mounts, Fstab* fstab_out) {
            goto err;
        }

        ParseFsMgrFlags(p, &entry);
        if (!ParseFsMgrFlags(p, &entry)) {
            LERROR << "Error parsing fs_mgr_flags";
            goto err;
        }

        if (entry.fs_mgr_flags.logical) {
            entry.logical_partition_name = entry.blk_device;
+1 −2
Original line number Diff line number Diff line
@@ -125,8 +125,7 @@ bool TryPathMount(FstabEntry* rec, const std::string& mount_pt) {
    int result = fs_mgr_do_mount_one(*rec, mount_point);
    if (result == -1 && rec->fs_mgr_flags.formattable) {
        PERROR << "Failed to mount " << mount_point << "; formatting";
        bool crypt_footer = rec->is_encryptable() && rec->key_loc == "footer";
        if (fs_mgr_do_format(*rec, crypt_footer) != 0) {
        if (fs_mgr_do_format(*rec) != 0) {
            PERROR << "Failed to format " << mount_point;
            return false;
        }
+1 −4
Original line number Diff line number Diff line
@@ -56,9 +56,6 @@ enum mount_mode {
#define FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION 6
#define FS_MGR_MNTALL_DEV_FILE_ENCRYPTED 5
#define FS_MGR_MNTALL_DEV_NEEDS_RECOVERY 4
#define FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION 3
#define FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED 2
#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTED 1
#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE 0
#define FS_MGR_MNTALL_FAIL (-1)

@@ -107,7 +104,7 @@ bool fs_mgr_update_logical_partition(android::fs_mgr::FstabEntry* entry);
// device is in "check_at_most_once" mode.
bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry);

int fs_mgr_do_format(const android::fs_mgr::FstabEntry& entry, bool reserve_footer);
int fs_mgr_do_format(const android::fs_mgr::FstabEntry& entry);

#define FS_MGR_SETUP_VERITY_SKIPPED  (-3)
#define FS_MGR_SETUP_VERITY_DISABLED (-2)
Loading