• nkk71's avatar
    vold_decrypt: FDE Keymaster 3.0 support · 7d1222a5
    nkk71 authored
    * HTC U11 Oreo is using keymaster3 FDE encryption which requires
      the new services:
        1- /system/bin/hwservicemanager
        2- /vendor/bin/hw/android.hardware.keymaster@3.0-service
        3- /vendor/bin/qseecomd (instead of /system/bin/qseecomd)
      So in addition to /vendor/lib and /vendor/lib64 also
      symlink /system/vendor/bin to /vendor/bin.
    * vold_decrypt services now have separate prefixes:
        1- 'sys_' referring to /system/bin
        2- 'ven_' referring to /vendor/bin
    * The additional (hwservicemanager, keymaster-3-0) and modified
      (qseecomd) .rc files have been updated in the vold_decrypt
      Comments were added directly in the .rc files, please check
    * /etc/recovery.fstab needs to be temporarily moved since
      vold will use it if it finds the '/sbin/recovery' file
      (refer to fs_mgr for the fstab load code https://goo.gl/8KaZyf).
      Since fs_mgr cannot parse TWRP style fstab, we 'hide' it
      and attempt to create a symlink to /fstab.{ro.hardware}.
    Also remove shell dependencies, code cleanup, new error codes:
    * Critical sections of vold_decrypt should not rely on the external
      shell (and the available binaries) provided by TWFunc::Exec_Cmd.
      Doing so may lead to failures resulting from different shell
      provided binaries not working properly, especially since busybox
      can be inconsistent across different trees.
      In particular the following functions have been changed:
      * run_vdc() no longer uses daisy chained commands, instead
        it now forks and executes vdc directly including a 30 second
        built in timeout.
      * Symlink_Firmware_Files() no longer relies on the shell 'find'
        command to retrieve the list of firmware/vendor files and instead
        uses a built in function, Find_Firmware_Files(), which traverses
        the system partition to retrieve the list of files.
    * The code has also been cleaned up a little for better consistency,
      and vold_decrypt will now return various error codes for the
      different failures, as defined in vold_decrypt.h, which allows the
      gui_msg to be moved back to partitionmanager.cpp.
    Notes regarding pre Android 8.0 builds:
    * Service names in .rc files cannot exceed 16 characters (including
      the prepended 'sys_' or 'ven_') in Android 7.1 and below, so a
      service name such as 'sys_hwservicemanager' is out of the question
      for 7.1 and below.
    * hwservicemanager will check ACLs on 'hwservicemanager' and 'ITokenManager'
      if they are even allowed to run, otherwise the interfaces will fail.
      The policies have only been introduced in 8.0, and although it is possible
      to manually add them to the 7.1 policies it's not recommended.
    * Therefore the best course of action is to build in 8.0.
    * SIDE NOTE: On the HTC U11 we are actually using omni-7.1 with some changes
      in the device tree to support both Nougat and Oreo decryption, please
      refer to:
        1- https://gerrit.twrp.me/c/2756/ for the necessary sepolicy and
           BoardConfig changes.
        2- The Android.mk file for vold_decrypt was modified to truncate
           greater than 16 character service names (as mentioned therein)
    Other changes:
    * TW_CRYPTO_SYSTEM_VOLD_DISABLE_TIMEOUT is now deprecated due to built-
      in fork and timeout.
    * Output_dmesg_to_recovery_log() is also deprecated so upon a failed
      decryption the recovery.log will no longer append it, instead you can
      just use 'adb shell dmesg' to check it. Nonetheless if a true debug
      build is needed use the original TW_CRYPTO_SYSTEM_VOLD_DEBUG flag as
      outlined in the original commit message (see below).
    Usage info:
    This is an update to the initial vold_decrypt, for more info refer to
    Change-Id: Id7129d125ae7f5dcba0779489825add718022ba3
partitionmanager.cpp 95 KB