Empty merge of Android 24Q2 Release (ab/11526283) to aosp-main-future
Bug: 337098550
Merged-In: Ic082f8803bfddf523f6016d4924dbcf9abc036ae
Change-Id: I341e01a7cf1e8e7b5278f54812b69a0706473d70
diff --git a/AppFuseUtil.cpp b/AppFuseUtil.cpp
index a3beaec..711e70b 100644
--- a/AppFuseUtil.cpp
+++ b/AppFuseUtil.cpp
@@ -50,15 +50,14 @@
static android::status_t Mount(int device_fd, const std::string& path) {
const auto opts = StringPrintf(
- "fd=%i,"
- "rootmode=40000,"
- "default_permissions,"
- "allow_other,"
- "max_read=65536,"
- "user_id=0,group_id=0,"
- "context=\"u:object_r:app_fuse_file:s0\","
- "fscontext=u:object_r:app_fusefs:s0",
- device_fd);
+ "fd=%i,"
+ "rootmode=40000,"
+ "default_permissions,"
+ "allow_other,"
+ "user_id=0,group_id=0,"
+ "context=\"u:object_r:app_fuse_file:s0\","
+ "fscontext=u:object_r:app_fusefs:s0",
+ device_fd);
const int result =
TEMP_FAILURE_RETRY(mount("/dev/fuse", path.c_str(), "fuse",
diff --git a/Checkpoint.cpp b/Checkpoint.cpp
index eca49ef..598a87b 100644
--- a/Checkpoint.cpp
+++ b/Checkpoint.cpp
@@ -198,7 +198,8 @@
// Walk mounted file systems
for (const auto& mount_rec : mounts) {
- const auto fstab_rec = GetEntryForMountPoint(&fstab_default, mount_rec.mount_point);
+ const auto fstab_rec =
+ GetEntryForMountPoint(&fstab_default, mount_rec.mount_point, mount_rec.fs_type);
if (!fstab_rec) continue;
if (fstab_rec->fs_mgr_flags.checkpoint_fs) {
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 51b35c5..3eb4599 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -675,26 +675,13 @@
return success;
}
-static bool parse_hex(const std::string& hex, std::string* result) {
- if (hex == "!") {
- *result = "";
- return true;
- }
- if (android::vold::HexToStr(hex, *result) != 0) {
- LOG(ERROR) << "Invalid FBE hex string"; // Don't log the string for security reasons
- return false;
- }
- return true;
-}
-
-static std::optional<android::vold::KeyAuthentication> authentication_from_hex(
- const std::string& secret_hex) {
- std::string secret;
- if (!parse_hex(secret_hex, &secret)) return std::optional<android::vold::KeyAuthentication>();
- if (secret.empty()) {
+static android::vold::KeyAuthentication authentication_from_secret(
+ const std::vector<uint8_t>& secret) {
+ std::string secret_str(secret.begin(), secret.end());
+ if (secret_str.empty()) {
return kEmptyAuthentication;
} else {
- return android::vold::KeyAuthentication(secret);
+ return android::vold::KeyAuthentication(secret_str);
}
}
@@ -743,12 +730,11 @@
// re-encrypting the CE key upon upgrade from an Android version where the CE
// key was stored with kEmptyAuthentication when the user didn't have an LSKF.
// See the comments below for the different cases handled.
-bool fscrypt_set_ce_key_protection(userid_t user_id, const std::string& secret_hex) {
+bool fscrypt_set_ce_key_protection(userid_t user_id, const std::vector<uint8_t>& secret) {
LOG(DEBUG) << "fscrypt_set_ce_key_protection " << user_id;
if (!IsFbeEnabled()) return true;
- auto auth = authentication_from_hex(secret_hex);
- if (!auth) return false;
- if (auth->secret.empty()) {
+ auto auth = authentication_from_secret(secret);
+ if (auth.secret.empty()) {
LOG(ERROR) << "fscrypt_set_ce_key_protection: secret must be nonempty";
return false;
}
@@ -776,7 +762,7 @@
// with the given secret. This isn't expected, but in theory it
// could happen if an upgrade is requested for a user more than once
// due to a power-off or other interruption.
- if (read_and_fixate_user_ce_key(user_id, *auth, &ce_key)) {
+ if (read_and_fixate_user_ce_key(user_id, auth, &ce_key)) {
LOG(WARNING) << "CE key is already protected by given secret";
return true;
}
@@ -802,7 +788,7 @@
auto const paths = get_ce_key_paths(directory_path);
std::string ce_key_path;
if (!get_ce_key_new_path(directory_path, paths, &ce_key_path)) return false;
- if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, *auth, ce_key)) return false;
+ if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, auth, ce_key)) return false;
// Fixate the key, i.e. delete all other bindings of it. (In practice this
// just means the kEmptyAuthentication binding, if there is one.) However,
@@ -845,17 +831,16 @@
// Unlocks internal CE storage for the given user. This only unlocks internal storage, since
// fscrypt_prepare_user_storage() has to be called for each adoptable storage volume anyway (since
// the volume might have been absent when the user was created), and that handles the unlocking.
-bool fscrypt_unlock_ce_storage(userid_t user_id, const std::string& secret_hex) {
+bool fscrypt_unlock_ce_storage(userid_t user_id, const std::vector<uint8_t>& secret) {
LOG(DEBUG) << "fscrypt_unlock_ce_storage " << user_id;
if (!IsFbeEnabled()) return true;
if (s_ce_policies.count(user_id) != 0) {
LOG(WARNING) << "CE storage for user " << user_id << " is already unlocked";
return true;
}
- auto auth = authentication_from_hex(secret_hex);
- if (!auth) return false;
+ auto auth = authentication_from_secret(secret);
KeyBuffer ce_key;
- if (!read_and_fixate_user_ce_key(user_id, *auth, &ce_key)) return false;
+ if (!read_and_fixate_user_ce_key(user_id, auth, &ce_key)) return false;
EncryptionPolicy ce_policy;
if (!install_storage_key(DATA_MNT_POINT, s_data_options, ce_key, &ce_policy)) return false;
s_ce_policies[user_id].internal = ce_policy;
diff --git a/FsCrypt.h b/FsCrypt.h
index afcedfb..be21fba 100644
--- a/FsCrypt.h
+++ b/FsCrypt.h
@@ -25,11 +25,11 @@
extern bool fscrypt_init_user0_done;
bool fscrypt_create_user_keys(userid_t user_id, bool ephemeral);
bool fscrypt_destroy_user_keys(userid_t user_id);
-bool fscrypt_set_ce_key_protection(userid_t user_id, const std::string& secret);
+bool fscrypt_set_ce_key_protection(userid_t user_id, const std::vector<uint8_t>& secret);
void fscrypt_deferred_fixate_ce_keys();
std::vector<int> fscrypt_get_unlocked_users();
-bool fscrypt_unlock_ce_storage(userid_t user_id, const std::string& secret);
+bool fscrypt_unlock_ce_storage(userid_t user_id, const std::vector<uint8_t>& secret);
bool fscrypt_lock_ce_storage(userid_t user_id);
bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index 96f4eaf..b36856a 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -630,7 +630,7 @@
}
binder::Status VoldNativeService::setCeStorageProtection(int32_t userId,
- const std::string& secret) {
+ const std::vector<uint8_t>& secret) {
ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_CRYPT_LOCK;
@@ -645,7 +645,8 @@
return Ok();
}
-binder::Status VoldNativeService::unlockCeStorage(int32_t userId, const std::string& secret) {
+binder::Status VoldNativeService::unlockCeStorage(int32_t userId,
+ const std::vector<uint8_t>& secret) {
ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_CRYPT_LOCK;
diff --git a/VoldNativeService.h b/VoldNativeService.h
index bb00d35..a4fbf00 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -116,10 +116,10 @@
binder::Status createUserStorageKeys(int32_t userId, bool ephemeral);
binder::Status destroyUserStorageKeys(int32_t userId);
- binder::Status setCeStorageProtection(int32_t userId, const std::string& secret);
+ binder::Status setCeStorageProtection(int32_t userId, const std::vector<uint8_t>& secret);
binder::Status getUnlockedUsers(std::vector<int>* _aidl_return);
- binder::Status unlockCeStorage(int32_t userId, const std::string& secret);
+ binder::Status unlockCeStorage(int32_t userId, const std::vector<uint8_t>& secret);
binder::Status lockCeStorage(int32_t userId);
binder::Status prepareUserStorage(const std::optional<std::string>& uuid, int32_t userId,
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index c981f2d..a1ac20d 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -921,25 +921,34 @@
int VolumeManager::reset() {
// Tear down all existing disks/volumes and start from a blank slate so
// newly connected framework hears all events.
+
+ // Destroy StubVolume disks. This needs to be done before destroying
+ // EmulatedVolumes because in ARC (Android on ChromeOS), ChromeOS Downloads
+ // directory (which is in a StubVolume) is bind-mounted to
+ // /data/media/0/Download.
+ // We do not recreate StubVolumes here because they are managed from outside
+ // Android (e.g. from ChromeOS) and their disk recreation on reset events
+ // should be handled from outside by calling createStubVolume() again.
+ for (const auto& disk : mDisks) {
+ if (disk->isStub()) {
+ disk->destroy();
+ }
+ }
+ // Remove StubVolume from both mDisks and mPendingDisks.
+ const auto isStub = [](const auto& disk) { return disk->isStub(); };
+ mDisks.remove_if(isStub);
+ mPendingDisks.remove_if(isStub);
+
for (const auto& vol : mInternalEmulatedVolumes) {
vol->destroy();
}
mInternalEmulatedVolumes.clear();
- // Destroy and recreate all disks except that StubVolume disks are just
- // destroyed and removed from both mDisks and mPendingDisks.
- // StubVolumes are managed from outside Android (e.g. from Chrome OS) and
- // their disk recreation on reset events should be handled from outside by
- // calling createStubVolume() again.
+ // Destroy and recreate non-StubVolume disks.
for (const auto& disk : mDisks) {
disk->destroy();
- if (!disk->isStub()) {
- disk->create();
- }
+ disk->create();
}
- const auto isStub = [](const auto& disk) { return disk->isStub(); };
- mDisks.remove_if(isStub);
- mPendingDisks.remove_if(isStub);
updateVirtualDisk();
mAddedUsers.clear();
@@ -958,11 +967,20 @@
return 0; // already shutdown
}
android::vold::sSleepOnUnmount = false;
+ // Destroy StubVolume disks before destroying EmulatedVolumes (see the
+ // comment in VolumeManager::reset()).
+ for (const auto& disk : mDisks) {
+ if (disk->isStub()) {
+ disk->destroy();
+ }
+ }
for (const auto& vol : mInternalEmulatedVolumes) {
vol->destroy();
}
for (const auto& disk : mDisks) {
- disk->destroy();
+ if (!disk->isStub()) {
+ disk->destroy();
+ }
}
mInternalEmulatedVolumes.clear();
@@ -978,11 +996,20 @@
ATRACE_NAME("VolumeManager::unmountAll()");
// First, try gracefully unmounting all known devices
+ // Unmount StubVolume disks before unmounting EmulatedVolumes (see the
+ // comment in VolumeManager::reset()).
+ for (const auto& disk : mDisks) {
+ if (disk->isStub()) {
+ disk->unmountAll();
+ }
+ }
for (const auto& vol : mInternalEmulatedVolumes) {
vol->unmount();
}
for (const auto& disk : mDisks) {
- disk->unmountAll();
+ if (!disk->isStub()) {
+ disk->unmountAll();
+ }
}
// Worst case we might have some stale mounts lurking around, so
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index d121dee..d37697b 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -22,6 +22,7 @@
import android.os.IVoldTaskListener;
/** {@hide} */
+@SensitiveData
interface IVold {
void setListener(IVoldListener listener);
@@ -90,10 +91,10 @@
void createUserStorageKeys(int userId, boolean ephemeral);
void destroyUserStorageKeys(int userId);
- void setCeStorageProtection(int userId, @utf8InCpp String secret);
+ void setCeStorageProtection(int userId, in byte[] secret);
int[] getUnlockedUsers();
- void unlockCeStorage(int userId, @utf8InCpp String secret);
+ void unlockCeStorage(int userId, in byte[] secret);
void lockCeStorage(int userId);
void prepareUserStorage(@nullable @utf8InCpp String uuid, int userId, int storageFlags);
diff --git a/model/Disk.cpp b/model/Disk.cpp
index 4df4e9d..01cd0c3 100644
--- a/model/Disk.cpp
+++ b/model/Disk.cpp
@@ -365,7 +365,6 @@
continue;
}
} else if (*it == "PART") {
- foundParts = true;
if (++it == split.end()) continue;
int i = 0;
@@ -390,6 +389,7 @@
case 0x0c: // W95 FAT32 (LBA)
case 0x0e: // W95 FAT16 (LBA)
createPublicVolume(partDevice);
+ foundParts = true;
break;
}
} else if (table == Table::kGpt) {
@@ -400,8 +400,10 @@
if (android::base::EqualsIgnoreCase(typeGuid, kGptBasicData)) {
createPublicVolume(partDevice);
+ foundParts = true;
} else if (android::base::EqualsIgnoreCase(typeGuid, kGptAndroidExpand)) {
createPrivateVolume(partDevice, partGuid);
+ foundParts = true;
}
}
}
diff --git a/tests/Android.bp b/tests/Android.bp
index 36142b4..95a9580 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -1,4 +1,5 @@
package {
+ default_team: "trendy_team_android_kernel",
default_applicable_licenses: ["Android-Apache-2.0"],
}
@@ -14,7 +15,7 @@
"VoldNativeServiceValidation_test.cpp",
],
static_libs: ["libvold"],
- shared_libs: ["libbinder"]
+ shared_libs: ["libbinder"],
}
cc_fuzz {
@@ -24,7 +25,7 @@
"vold_default_libs",
"keystore2_use_latest_aidl_ndk_shared",
"service_fuzzer_defaults",
- "fuzzer_disable_leaks"
+ "fuzzer_disable_leaks",
],
static_libs: [
"libvold",
@@ -40,5 +41,5 @@
cc: [
"maco@google.com",
],
- }
+ },
}