diff options
-rw-r--r-- | Android.bp | 1 | ||||
-rw-r--r-- | gsi_service.cpp | 34 | ||||
-rw-r--r-- | include/libgsi/libgsi.h | 21 |
3 files changed, 56 insertions, 0 deletions
@@ -99,6 +99,7 @@ cc_binary { "liblp", "libutils", "libc++fs", + "libvold_binder", ], target: { android: { diff --git a/gsi_service.cpp b/gsi_service.cpp index 3c875f8..41b8811 100644 --- a/gsi_service.cpp +++ b/gsi_service.cpp @@ -32,6 +32,8 @@ #include <android-base/strings.h> #include <android/gsi/BnImageService.h> #include <android/gsi/IGsiService.h> +#include <android/os/IVold.h> +#include <binder/IServiceManager.h> #include <binder/LazyServiceRegistrar.h> #include <ext4_utils/ext4_utils.h> #include <fs_mgr.h> @@ -171,6 +173,18 @@ binder::Status GsiService::createPartition(const ::std::string& name, int64_t si if (size == 0 && name == "userdata") { size = kDefaultUserdataSize; } + + if (name == "userdata") { + auto dsu_slot = GetDsuSlot(install_dir_); + auto key_dir = DefaultDsuMetadataKeyDir(dsu_slot); + auto key_dir_file = DsuMetadataKeyDirFile(dsu_slot); + if (!android::base::WriteStringToFile(key_dir, key_dir_file)) { + PLOG(ERROR) << "write failed: " << key_dir_file; + *_aidl_return = INSTALL_ERROR_GENERIC; + return binder::Status::ok(); + } + } + installer_ = std::make_unique<PartitionInstaller>(this, install_dir_, name, GetDsuSlot(install_dir_), size, readOnly); progress_ = {}; @@ -891,6 +905,10 @@ int GsiService::ReenableGsi(bool one_shot) { return IGsiService::INSTALL_OK; } +static android::sp<android::os::IVold> GetVoldService() { + return android::waitForService<android::os::IVold>(android::String16("vold")); +} + bool GsiService::RemoveGsiFiles(const std::string& install_dir) { bool ok = true; auto active_dsu = GetDsuSlot(install_dir); @@ -920,6 +938,22 @@ bool GsiService::RemoveGsiFiles(const std::string& install_dir) { ok = false; } } + if (auto vold = GetVoldService()) { + auto status = vold->destroyDsuMetadataKey(dsu_slot); + if (status.isOk()) { + std::string message; + if (!RemoveFileIfExists(DsuMetadataKeyDirFile(dsu_slot), &message)) { + LOG(ERROR) << message; + ok = false; + } + } else { + LOG(ERROR) << "Failed to destroy DSU metadata encryption key."; + ok = false; + } + } else { + LOG(ERROR) << "Failed to retrieve vold service."; + ok = false; + } if (ok) { SetProperty(kGsiInstalledProp, "0"); } diff --git a/include/libgsi/libgsi.h b/include/libgsi/libgsi.h index b210427..1e3cd07 100644 --- a/include/libgsi/libgsi.h +++ b/include/libgsi/libgsi.h @@ -19,6 +19,7 @@ #include <string> #include <android-base/file.h> +#include <android-base/strings.h> namespace android { namespace gsi { @@ -35,6 +36,8 @@ static constexpr char kDsuActiveFile[] = DSU_METADATA_PREFIX "active"; static constexpr char kDsuAvbKeyDir[] = DSU_METADATA_PREFIX "avb/"; +static constexpr char kDsuMetadataKeyDirPrefix[] = "/metadata/vold/metadata_encryption/dsu/"; + static inline std::string DsuLpMetadataFile(const std::string& dsu_slot) { return DSU_METADATA_PREFIX + dsu_slot + "/lp_metadata"; } @@ -43,6 +46,24 @@ static inline std::string DsuInstallDirFile(const std::string& dsu_slot) { return DSU_METADATA_PREFIX + dsu_slot + "/install_dir"; } +static inline std::string DsuMetadataKeyDirFile(const std::string& dsu_slot) { + return DSU_METADATA_PREFIX + dsu_slot + "/metadata_encryption_dir"; +} + +static inline std::string DefaultDsuMetadataKeyDir(const std::string& dsu_slot) { + return kDsuMetadataKeyDirPrefix + dsu_slot; +} + +static inline std::string GetDsuMetadataKeyDir(const std::string& dsu_slot) { + auto key_dir_file = DsuMetadataKeyDirFile(dsu_slot); + std::string key_dir; + if (android::base::ReadFileToString(key_dir_file, &key_dir) && + android::base::StartsWith(key_dir, kDsuMetadataKeyDirPrefix)) { + return key_dir; + } + return DefaultDsuMetadataKeyDir(dsu_slot); +} + // install_dir "/data/gsi/dsu/dsu" has a slot name "dsu" // install_dir "/data/gsi/dsu/dsu2" has a slot name "dsu2" std::string GetDsuSlot(const std::string& install_dir); |