Age | Commit message (Collapse) | Author |
|
Revert submission 15071196-init_first_stage_soong
Reason for revert: fixes b/192248690
Reverted Changes:
I23cf4f975:Add ramdisk_available to init_first_stage's deps
Icd98c7e24:Add ramdisk_available to init_first_stage's deps
If9da9ba16:Add ramdisk_available to init_first_stage's deps
Ibc8668029:Add ramdisk_available to init_first_stage's deps
I3b4b8c475:Add ramdisk_available to init_first_stage's deps
I59cd149e0:Completely migrate init first stage to Soong
I36d789578:Add ramdisk_available to init_first_stage's deps
I2a0daa612:Add BUILD_USES_RECOVERY_AS_BOOT to soong config
Ic76c325ce:Directly create ramdisk dirs in ramdisk image rule...
I4c5374deb:Add BOARD_BUILD_SYSTEM_ROOT_IMAGE to config vars
I8aab5faf3:Add ramdisk_available to init_first_stage's deps
I9d5a10661:Add ramdisk_available to init_first_stage's deps
Iaa2edeb4a:Add ramdisk_available to init_first_stage's deps
I7cb582ca0:Update init_first_stage
I06091d15e:Add ramdisk_available to init_first_stage's deps
I8bdb8dda3:Add ramdisk_available to init_first_stage's deps
I7436b8dd1:Add ramdisk_available to init_first_stage's deps
I39693fd86:Add ramdisk_available to init_first_stage's deps
I0a9ba90f0:Add ramdisk_available to init_first_stage's deps
Ib66b4c4ea:Add ramdisk_available to init_first_stage's deps
I31ce63d23:Add ramdisk_available to init_first_stage's deps
Icb580f97c:Add ramdisk_available to init_first_stage's deps
I044a075b7:Add ramdisk_available to init_first_stage's deps
I33164a7e7:Fix ndk and aml arch order
Ib8d92904a:Add ramdisk_available to sysprop_library
Ibc3516453:Add install_in_root to cc_binary
Change-Id: I50e4ecb6b4c5196955f7f97f887cdca352b4f56f
|
|
Bug: 187196593
Test: boot
Change-Id: I3b4b8c4758d5e710d3c98dd138b0893a7b320601
Merged-In: I3b4b8c4758d5e710d3c98dd138b0893a7b320601
|
|
Added SPDX-license-identifier-Apache-2.0 to:
alloc-stress/Android.bp
app-launcher/Android.bp
boot_control_copy/Android.bp
bootctl/Android.bp
boottime_tools/bootanalyze/stressfs/Android.bp
boottime_tools/bootio/Android.bp
brillo_config/Android.mk
checkpoint_gc/Android.bp
cppreopts/Android.bp
crypto-perf/Android.bp
ext4_utils/Android.bp
ext4_utils/Android.mk
f2fs_utils/Android.bp
ioblame/Android.bp
ioshark/Android.bp
iotop/Android.bp
kexec_tools/Android.bp
latencytop/Android.bp
libfec/Android.bp
libfec/test/Android.bp
libfscrypt/Android.bp
libfscrypt/tests/Android.bp
libjsonpb/parse/Android.bp
libjsonpb/verify/Android.bp
memory_replay/Android.bp
memtrack/Android.bp
mmap-perf/Android.bp
module_ndk_libs/libnativehelper/Android.bp
multinetwork/Android.bp
pagecache/Android.bp
partition_tools/Android.bp
partition_tools/aidl/Android.bp
perf2cfg/Android.bp
postinst/Android.bp
preopt2cachename/Android.bp
profcollectd/Android.bp
profcollectd/libprofcollectd/Android.bp
profcollectd/libprofcollectd/bindings/libflags/Android.bp
pssbench/Android.mk
puncture_fs/Android.bp
runconuid/Android.bp
sane_schedstat/Android.bp
showslab/Android.bp
simpleperf/Android.bp
simpleperf/runtest/Android.bp
simpleperf/scripts/inferno/Android.bp
simpleperf/simpleperf_app_runner/Android.bp
slideshow/Android.mk
sound/Android.bp
squashfs_utils/Android.bp
su/Android.mk
taskstats/Android.bp
tests/Android.bp
tests/audio/alsa/Android.bp
tests/binder/benchmarks/Android.bp
tests/bootloader/Android.mk
tests/cpueater/Android.bp
tests/crypto/Android.bp
tests/directiotest/Android.bp
tests/ext4/Android.mk
tests/framebuffer/Android.bp
tests/fstest/Android.bp
tests/icachetest/Android.bp
tests/iptables/qtaguid/Android.bp
tests/kernel.config/Android.mk
tests/lib/Android.bp
tests/lib/testUtil/Android.bp
tests/memeater/Android.mk
tests/pagingtest/Android.mk
tests/pftest/Android.bp
tests/schedtest/Android.bp
tests/storage/Android.bp
tests/suspend_stress/Android.bp
tests/tcp_nuke_addr/Android.bp
tests/timetest/Android.bp
tests/uevents/Android.bp
toolchain-extras/Android.bp
vbmeta_tools/Android.bp
verity/Android.bp
verity/fec/Android.bp
zram-perf/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
cpustats/Android.bp
Added SPDX-license-identifier-BSD to:
ANRdaemon/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: Ia559848af903a7b6746d9b12b7de8b83bc57f99d
|
|
This reverts commit 044d055c842a5750359ed71dfe50a6a4bf5f4cc3.
Reason for revert: Needs to run as multiple roots.
Change-Id: I8e06e7eb19e0f634f52fbd8a1c6662f43e347dd5
|
|
Added SPDX-license-identifier-Apache-2.0 to:
boot_control_copy/Android.bp
bootctl/Android.bp
boottime_tools/bootanalyze/stressfs/Android.bp
boottime_tools/bootio/Android.bp
checkpoint_gc/Android.bp
cppreopts/Android.bp
crypto-perf/Android.bp
ext4_utils/Android.bp
ext4_utils/Android.mk
f2fs_utils/Android.bp
ioshark/Android.bp
iotop/Android.bp
kexec_tools/Android.bp
latencytop/Android.bp
libfec/Android.bp
libfec/test/Android.bp
libfscrypt/Android.bp
libfscrypt/tests/Android.bp
libjsonpb/parse/Android.bp
libjsonpb/verify/Android.bp
memory_replay/Android.bp
memtrack/Android.bp
mmap-perf/Android.bp
module_ndk_libs/libnativehelper/Android.bp
multinetwork/Android.bp
pagecache/Android.bp
partition_tools/Android.bp
perf2cfg/Android.bp
postinst/Android.bp
preopt2cachename/Android.bp
profcollectd/Android.bp
profcollectd/libprofcollectd/Android.bp
profcollectd/libprofcollectd/bindings/libflags/Android.bp
puncture_fs/Android.bp
runconuid/Android.bp
sane_schedstat/Android.bp
showslab/Android.bp
simpleperf/Android.bp
simpleperf/runtest/Android.bp
simpleperf/scripts/inferno/Android.bp
simpleperf/simpleperf_app_runner/Android.bp
slideshow/Android.mk
sound/Android.bp
squashfs_utils/Android.bp
su/Android.mk
taskstats/Android.bp
tests/Android.bp
tests/audio/alsa/Android.bp
tests/binder/benchmarks/Android.bp
tests/bootloader/Android.mk
tests/cpueater/Android.bp
tests/crypto/Android.bp
tests/directiotest/Android.bp
tests/ext4/Android.mk
tests/framebuffer/Android.bp
tests/fstest/Android.bp
tests/icachetest/Android.bp
tests/iptables/qtaguid/Android.bp
tests/kernel.config/Android.mk
tests/lib/Android.bp
tests/lib/testUtil/Android.bp
tests/memeater/Android.mk
tests/pagingtest/Android.mk
tests/pftest/Android.bp
tests/schedtest/Android.bp
tests/storage/Android.bp
tests/suspend_stress/Android.bp
tests/tcp_nuke_addr/Android.bp
tests/timetest/Android.bp
tests/uevents/Android.bp
toolchain-extras/Android.bp
vbmeta_tools/Android.bp
verity/Android.bp
verity/fec/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
cpustats/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
legacy_notice
to:
Android.bp
Added SPDX-license-identifier-BSD
to:
ANRdaemon/Android.bp
Added legacy_notice
to:
alloc-stress/Android.bp
app-launcher/Android.bp
brillo_config/Android.mk
ioblame/Android.bp
partition_tools/aidl/Android.bp
pssbench/Android.mk
zram-perf/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: Ie7c022a4d7f828a89d0cda663684a497af37006e
|
|
Format *.cpp according to the new .clang-format. The following command
was used to generate this change:
$ find . \( -name \*.cpp -o -name \*.h \) -exec clang-format \
--style=file -i {} \;
Test: mm
Bug: 171699326
Change-Id: Id7bc8b74fc6cb5156770210271abb86b0e156089
|
|
The name "pre_gki_level" is causing some confusion because not all
devices launching with Android R are subject to the GKI requirement.
(See b/161563110#comment11.) E.g., devices that use a 4.14-based kernel
are exempt from GKI. However, the encryption requirements still apply.
Just use __ANDROID_API_Q__ directly instead.
No change in behavior.
Change-Id: I25a214ed46a68970f410327a480288ef1961af10
|
|
Now that Bionic's copy of <linux/fscrypt.h> has been updated, there's no
need to define FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32 locally.
Test: build
Change-Id: I472f3f75ec14f994685dd65b75ca5c3f271c0aa6
|
|
Bug: 144046242
Test: atest libfscrypt_unit_test
Test: Change fstab on Cuttlefish with patched kernel, check dir policy
Change-Id: I362f9a55fa28bb25afe992c8b0bae48546fc9ab0
|
|
Test: atest libfscrypt_unit_test
Bug: 143970043
Change-Id: Ibb8ee68513d4f04c1a64773768cc5ded9f7425ca
Merged-In: Ibb8ee68513d4f04c1a64773768cc5ded9f7425ca
(cherry picked from commit e6e61f778c409b08b2799c5281b5db74325bc801)
|
|
We'd like to change what the defaults are for fscrypt as we get new
and better things, but we don't want to break old devices. So we
arrange for the behavior to depend on the API version the device
launched with.
In addition, we can now supply a default if any of the three fields
are blank, meaning that clients like get_volume_file_encryption_options
don't have to separately specify defaults.
Right now we use the API level to choose between version 1 and version
2 being default, and as a further guard against anyone using the
deprecated FSCRYPT_POLICY_FLAGS_PAD_4 on new devices.
Bug: 147107322
Test: atest fscrypt
Test: Various Cuttlefish configurations
Change-Id: I43c94c1051c61d2b051355dcd428c44c279a3c75
|
|
Some inline encryption hardware supports protecting
file based encryption keys in hardware without software
having access to or ability to set plaintext keys.
New fileencryption fstab flag 'wrappedkey_v0' is added to
support these hardware. libfscrypt parses the flag and
adds the flag to EncryptionOptions allowing vold to determine
the status.
Test: FBE validation with Fscrypt v2 + inline crypt + wrapped
key changes kernel.
Bug: 147733587
Change-Id: I9fb2b2d6e510a5316976d7698e26a1aae1548ce6
|
|
aosp/1184798 has updated the kernel headers to android-mainline, so we
no longer need to manually declare the declarations for v2 policies, nor
do we need to manually declare FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64.
Also replace the FS_* constants with their new FSCRYPT_* names. This
doesn't change the numerical values; it just changes the names.
Test: build and 'atest libfscrypt_unit_test'
Bug: None
Change-Id: I03ce177923bfa9e0fecbbdbf1718fbf1c17176d9
|
|
We need to test for this flag when deciding whether to set
stable_inodes.
Bug: 143307095
Test: Set inlinecrypt_optimized, check that stable_inodes is set
Change-Id: Ic3245466eccd88ed2784ff4b2a348ca65085e2a4
|
|
Bug: 143307095
Test: add flag in fstab, check policy logs
Change-Id: Ic80d348c2c7d56048e0e73d985f709e8d287cd9f
|
|
Bug: 143307095
Test: cuttlefish, policy=v1 -> flags=0, policy=v2 -> flags=2
Change-Id: I28f35a1e0ee474d07e2e2b591c84e9057ecb6acf
|
|
Bug: 143307095
Test: atest libfscrypt_unit_test
Change-Id: Ieb72dc88c227128ecadc44096a2266fe2af0d20b
|
|
Bug: 143307095
Test: use parser for fstab
Change-Id: Ia103a2e7947d03fb50a378472203363477d865e5
|
|
Bug: 143307095
Test: check logs
Change-Id: Ib8a91dc153919063bc3daf5075848a64a7e48cf8
|
|
Replace many-parameter C interface with a cleaner and more complete
C++ interface for passing around policies in a struct.
Bug: 143307095
Test: treehugger
Change-Id: I95aeaae211f7ad698854bcc66c6d25a0bcb24cfe
|
|
Update libfscrypt to support setting v2 encryption policies. For this,
the ioctl to use is still FS_IOC_SET_ENCRYPTION_POLICY; we just need to
pass it a slightly different structure.
v2 policies support the same encryption modes and flags as v1 policies,
but internally they use a more standard, secure, and flexible KDF. Due
to this, some future features will be supported by v2 policies only.
Other notes:
- Use 16 byte filenames padding for all v2 policies. There's no need to
use the legacy 4 bytes padding.
- Unlike v1 policies, setting a v2 policy requires CAP_FOWNER if the key
hasn't been installed. This isn't an issue for Android, however --
Android always installs the keys first, and even if it didn't,
policies are only set by init and vold, which have CAP_FOWNER.
Bug: 140500999
Test: tested as series; see If64028d8580584b2c33c614cabd5d6b93657f608
Change-Id: I325f75fd3e59d6f00a5c66938b99b127981183a5
|
|
Test: build
Change-Id: I60bd71671ef18b62f3d4152e3061133eafa935f8
|
|
Bug: 140882488
Test: Booted twice, checked logs to ensure encryption
is different each time, adb created files in directory.
Change-Id: I5c962edb316d160dd09c0df893912c6b257d7810
|
|
fscrypt_policy_ensure() sets an encryption policy if the directory is
empty, otherwise it verifies the existing encryption policy.
However, it's unnecessary to actually implement this logic in userspace,
because this is the behavior of the FS_IOC_SET_ENCRYPTION_POLICY ioctl
already. See the documentation:
https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html#setting-an-encryption-policy
Therefore, just call FS_IOC_SET_ENCRYPTION_POLICY and handle errors
appropriately.
This makes the code shorter and less racy, and it also fixes the issue
where if files were created in the directory before an encryption policy
is set, the error message was confusing:
Failed to get encryption policy for $dir: No data available
Now it's:
Failed to set encryption policy of $dir to ...: Directory not empty
Test: booted after factory reset, checked log, rebooted, checked log
again.
Change-Id: I51ee70706bc9ccb216ccefd7bdfbbfc57faae14d
|
|
FS_ENCRYPTION_MODE_ADIANTUM and FS_POLICY_FLAG_DIRECT_KEY are in
Bionic's <linux/fs.h> now, so there's no need to define them in
libfscrypt anymore.
Test: compiled
Change-Id: I499a70a9f8fd3445098a1dd799b1aefe0fa374ce
|
|
Bug: 140027478
Test: treehugger
Change-Id: I296ce6d1272816c237e1ad213fbdef9f6fafb44f
|
|
/data/rollback and /data/rollback-observer used to be created
unencrypted by system-server. If they are unencrypted and have
content, force them to be encrypted by wiping their contents.
Bug: b/139193659
Test: Put content in these directories, then reboot and see it wiped.
Cherrypicked-from: 58a49c3ae59d250cc1db49ce5a2678bf19bb92c3
Change-Id: I0320eb645ebe86965928acbacc8ad01dae2d5ba5
Merged-In: I0320eb645ebe86965928acbacc8ad01dae2d5ba5
|
|
This is the only object in .bss in libfscrypt and it's unused, so it's
costing us 4KB for nothing. Remove it.
Bug: 138856262
Test: objdump -h libfscrypt.so. Check .bss is gone.
Change-Id: Iac5eff45e28453f09d380c10a1818eb53ed2fe48
|
|
Test: n/a
Bug: 126330086
Change-Id: I73367a60c23ca17d0557253bea25279c104e1e53
Merged-In: I73367a60c23ca17d0557253bea25279c104e1e53
|
|
On FBE devices without metadata encryption, GSI images must not be
encrypted, since they are written using normal write() calls rather than
going through device-mapper.
Bug: 126249541
Test: GSI works on FBE device without metadata encryption
Change-Id: Ie14be778eb4a7f18dd8ea33a044ba86f909f3cce
|
|
Bug: 122999313
Test: n/a
Change-Id: I4f9086ac5ded56e1a8ba4e97f449f502b88f7634
|
|
/data/staging contains downloaded APEX files, no user data.
Bug: 122884909
Test: WIP
Change-Id: Idc17cd8978a7c432a65eb1bb4775fa88e87d2b8f
|
|
There is no user data here, just preload data.
Test: make
Change-Id: I2bd65a15ace50c4d1dc4bc4c3f3d4294f77d2c18
|
|
Adiantum is a crypto method Android is supporting for devices
which don't have AES CPU instructions. See the paper
"Adiantum: length-preserving encryption for entry-level processors"
(https://eprint.iacr.org/2018/720.pdf) for more details.
We add Adiantum to our list of supported encryption modes.
Bug: 112010205
Test: Tested on a device
Change-Id: I405ed454be1a447b7405417a05ddfd92a912bcb7
|
|
Bug: 30413223
Test: make with WITH_TIDY=1 DEFAULT_GLOBAL_TIDY_CHECKS=-*,performance*
Change-Id: I94c2456e8ef958abcb0909871fb772dd67060dfc
|
|
bionic now has linux/fs.h from the 4.14 kernel, which has the fscrypt
kernel API declarations. Replace the manual declarations in libfscrypt,
except for the mode numbers which are not supported by the upstream
kernel.
Test: built, booted device with f2fs encryption
Change-Id: I6c663813828e3e0639d9be4298bff2bd4ec36c66
|
|
File-based encryption related code no longer belongs in ext4_utils, as
it is now used on both ext4 and f2fs, since both filesystems share the
same kernel API for encryption. Refactor it into its own library,
libfscrypt.
Note that the keyring is renamed from "e4crypt" to "fscrypt", which is
technically a user-visible change, but as far as I know nothing depends
on it other than vold which is being updated too.
Test: built, booted device with f2fs encryption
Change-Id: I3c302564262412a5d5e672bd213e7cfada5f49cc
|