Be more C++. volume UUID should always be std::string.
Test: boots
Bug: 67041047
Change-Id: I36d3944ae8de192703b9ee359900841b833fe3a1
diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index 1daf4ba..48957c8 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -91,8 +91,8 @@
return property_get_bool("persist.sys.emulate_fbe", false);
}
-static const char* escape_null(const char* value) {
- return (value == nullptr) ? "null" : value;
+static const char* escape_empty(const std::string& value) {
+ return value.empty() ? "null" : value.c_str();
}
static std::string get_de_key_path(userid_t user_id) {
@@ -379,7 +379,7 @@
// We can only safely prepare DE storage here, since CE keys are probably
// entangled with user credentials. The framework will always prepare CE
// storage once CE keys are installed.
- if (!e4crypt_prepare_user_storage(nullptr, 0, 0, FLAG_STORAGE_DE)) {
+ if (!e4crypt_prepare_user_storage("", 0, 0, FLAG_STORAGE_DE)) {
LOG(ERROR) << "Failed to prepare user 0 storage";
return false;
}
@@ -491,8 +491,8 @@
return true;
}
-static bool parse_hex(const char* hex, std::string* result) {
- if (strcmp("!", hex) == 0) {
+static bool parse_hex(const std::string& hex, std::string* result) {
+ if (hex == "!") {
*result = "";
return true;
}
@@ -503,10 +503,10 @@
return true;
}
-bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const char* token_hex,
- const char* secret_hex) {
+bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token_hex,
+ const std::string& secret_hex) {
LOG(DEBUG) << "e4crypt_add_user_key_auth " << user_id << " serial=" << serial
- << " token_present=" << (strcmp(token_hex, "!") != 0);
+ << " token_present=" << (token_hex != "!");
if (!e4crypt_is_native()) return true;
if (s_ephemeral_users.count(user_id) != 0) return true;
std::string token, secret;
@@ -543,10 +543,10 @@
}
// TODO: rename to 'install' for consistency, and take flags to know which keys to install
-bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex,
- const char* secret_hex) {
+bool e4crypt_unlock_user_key(userid_t user_id, int serial, const std::string& token_hex,
+ const std::string& secret_hex) {
LOG(DEBUG) << "e4crypt_unlock_user_key " << user_id << " serial=" << serial
- << " token_present=" << (strcmp(token_hex, "!") != 0);
+ << " token_present=" << (token_hex != "!");
if (e4crypt_is_native()) {
if (s_ce_key_raw_refs.count(user_id) != 0) {
LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
@@ -566,8 +566,8 @@
// back into a known-good state.
if (!emulated_unlock(android::vold::BuildDataSystemCePath(user_id), 0771) ||
!emulated_unlock(android::vold::BuildDataMiscCePath(user_id), 01771) ||
- !emulated_unlock(android::vold::BuildDataMediaCePath(nullptr, user_id), 0770) ||
- !emulated_unlock(android::vold::BuildDataUserCePath(nullptr, user_id), 0771)) {
+ !emulated_unlock(android::vold::BuildDataMediaCePath("", user_id), 0770) ||
+ !emulated_unlock(android::vold::BuildDataUserCePath("", user_id), 0771)) {
LOG(ERROR) << "Failed to unlock user " << user_id;
return false;
}
@@ -584,8 +584,8 @@
// When in emulation mode, we just use chmod
if (!emulated_lock(android::vold::BuildDataSystemCePath(user_id)) ||
!emulated_lock(android::vold::BuildDataMiscCePath(user_id)) ||
- !emulated_lock(android::vold::BuildDataMediaCePath(nullptr, user_id)) ||
- !emulated_lock(android::vold::BuildDataUserCePath(nullptr, user_id))) {
+ !emulated_lock(android::vold::BuildDataMediaCePath("", user_id)) ||
+ !emulated_lock(android::vold::BuildDataUserCePath("", user_id))) {
LOG(ERROR) << "Failed to lock user " << user_id;
return false;
}
@@ -594,9 +594,9 @@
return true;
}
-bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial,
- int flags) {
- LOG(DEBUG) << "e4crypt_prepare_user_storage for volume " << escape_null(volume_uuid)
+bool e4crypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial,
+ int flags) {
+ LOG(DEBUG) << "e4crypt_prepare_user_storage for volume " << escape_empty(volume_uuid)
<< ", user " << user_id << ", serial " << serial << ", flags " << flags;
if (flags & FLAG_STORAGE_DE) {
@@ -610,7 +610,7 @@
auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
- if (volume_uuid == nullptr) {
+ if (volume_uuid.empty()) {
if (!prepare_dir(system_legacy_path, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
#if MANAGE_MISC_DIRS
if (!prepare_dir(misc_legacy_path, 0750, multiuser_get_uid(user_id, AID_SYSTEM),
@@ -626,7 +626,7 @@
if (e4crypt_is_native()) {
std::string de_raw_ref;
if (!lookup_key_ref(s_de_key_raw_refs, user_id, &de_raw_ref)) return false;
- if (volume_uuid == nullptr) {
+ if (volume_uuid.empty()) {
if (!ensure_policy(de_raw_ref, system_de_path)) return false;
if (!ensure_policy(de_raw_ref, misc_de_path)) return false;
}
@@ -641,7 +641,7 @@
auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
- if (volume_uuid == nullptr) {
+ if (volume_uuid.empty()) {
if (!prepare_dir(system_ce_path, 0770, AID_SYSTEM, AID_SYSTEM)) return false;
if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false;
}
@@ -651,7 +651,7 @@
if (e4crypt_is_native()) {
std::string ce_raw_ref;
if (!lookup_key_ref(s_ce_key_raw_refs, user_id, &ce_raw_ref)) return false;
- if (volume_uuid == nullptr) {
+ if (volume_uuid.empty()) {
if (!ensure_policy(ce_raw_ref, system_ce_path)) return false;
if (!ensure_policy(ce_raw_ref, misc_ce_path)) return false;
@@ -669,8 +669,8 @@
return true;
}
-bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags) {
- LOG(DEBUG) << "e4crypt_destroy_user_storage for volume " << escape_null(volume_uuid)
+bool e4crypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags) {
+ LOG(DEBUG) << "e4crypt_destroy_user_storage for volume " << escape_empty(volume_uuid)
<< ", user " << user_id << ", flags " << flags;
bool res = true;
@@ -685,7 +685,7 @@
auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
- if (volume_uuid == nullptr) {
+ if (volume_uuid.empty()) {
res &= destroy_dir(system_legacy_path);
#if MANAGE_MISC_DIRS
res &= destroy_dir(misc_legacy_path);
@@ -704,7 +704,7 @@
auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
- if (volume_uuid == nullptr) {
+ if (volume_uuid.empty()) {
res &= destroy_dir(system_ce_path);
res &= destroy_dir(misc_ce_path);
}
@@ -715,6 +715,6 @@
return res;
}
-bool e4crypt_secdiscard(const char* path) {
- return android::vold::runSecdiscardSingle(std::string(path));
+bool e4crypt_secdiscard(const std::string& path) {
+ return android::vold::runSecdiscardSingle(path);
}
diff --git a/Ext4Crypt.h b/Ext4Crypt.h
index e90167b..d0afd85 100644
--- a/Ext4Crypt.h
+++ b/Ext4Crypt.h
@@ -14,29 +14,29 @@
* limitations under the License.
*/
+#include <string>
+
#include <stdbool.h>
#include <sys/cdefs.h>
#include <cutils/multiuser.h>
-__BEGIN_DECLS
-
// General functions
-bool e4crypt_is_native();
bool e4crypt_initialize_global_de();
bool e4crypt_init_user0();
bool e4crypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
bool e4crypt_destroy_user_key(userid_t user_id);
-bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const char* token,
- const char* secret);
+bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token,
+ const std::string& secret);
bool e4crypt_fixate_newest_user_key_auth(userid_t user_id);
-bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token, const char* secret);
+bool e4crypt_unlock_user_key(userid_t user_id, int serial, const std::string& token,
+ const std::string& secret);
bool e4crypt_lock_user_key(userid_t user_id);
-bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial, int flags);
-bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags);
+bool e4crypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial,
+ int flags);
+bool e4crypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
-bool e4crypt_secdiscard(const char* path);
-__END_DECLS
+bool e4crypt_secdiscard(const std::string& path);
diff --git a/Keymaster.h b/Keymaster.h
index dc6f1bc..f24a0c0 100644
--- a/Keymaster.h
+++ b/Keymaster.h
@@ -17,8 +17,6 @@
#ifndef ANDROID_VOLD_KEYMASTER_H
#define ANDROID_VOLD_KEYMASTER_H
-#ifdef __cplusplus
-
#include "KeyBuffer.h"
#include <memory>
@@ -127,8 +125,7 @@
} // namespace vold
} // namespace android
-#endif // __cplusplus
-
+// FIXME no longer needed now cryptfs is in C++.
/*
* The following functions provide C bindings to keymaster services
@@ -138,7 +135,6 @@
* The sign_object function signes an object with the given keymaster
* key.
*/
-__BEGIN_DECLS
int keymaster_compatibility_cryptfs_scrypt();
int keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size,
@@ -156,6 +152,5 @@
uint8_t** signature_buffer,
size_t* signature_buffer_size);
-__END_DECLS
#endif
diff --git a/ScryptParameters.h b/ScryptParameters.h
index 1b43ea5..190842b 100644
--- a/ScryptParameters.h
+++ b/ScryptParameters.h
@@ -23,10 +23,6 @@
#define SCRYPT_PROP "ro.crypto.scrypt_params"
#define SCRYPT_DEFAULTS "15:3:1"
-__BEGIN_DECLS
-
bool parse_scrypt_parameters(const char* paramstr, int *Nf, int *rf, int *pf);
-__END_DECLS
-
#endif
diff --git a/Utils.cpp b/Utils.cpp
index b6c7bf8..a9350e8 100644
--- a/Utils.cpp
+++ b/Utils.cpp
@@ -585,54 +585,54 @@
}
std::string BuildDataSystemLegacyPath(userid_t userId) {
- return StringPrintf("%s/system/users/%u", BuildDataPath(nullptr).c_str(), userId);
+ return StringPrintf("%s/system/users/%u", BuildDataPath("").c_str(), userId);
}
std::string BuildDataSystemCePath(userid_t userId) {
- return StringPrintf("%s/system_ce/%u", BuildDataPath(nullptr).c_str(), userId);
+ return StringPrintf("%s/system_ce/%u", BuildDataPath("").c_str(), userId);
}
std::string BuildDataSystemDePath(userid_t userId) {
- return StringPrintf("%s/system_de/%u", BuildDataPath(nullptr).c_str(), userId);
+ return StringPrintf("%s/system_de/%u", BuildDataPath("").c_str(), userId);
}
std::string BuildDataMiscLegacyPath(userid_t userId) {
- return StringPrintf("%s/misc/user/%u", BuildDataPath(nullptr).c_str(), userId);
+ return StringPrintf("%s/misc/user/%u", BuildDataPath("").c_str(), userId);
}
std::string BuildDataMiscCePath(userid_t userId) {
- return StringPrintf("%s/misc_ce/%u", BuildDataPath(nullptr).c_str(), userId);
+ return StringPrintf("%s/misc_ce/%u", BuildDataPath("").c_str(), userId);
}
std::string BuildDataMiscDePath(userid_t userId) {
- return StringPrintf("%s/misc_de/%u", BuildDataPath(nullptr).c_str(), userId);
+ return StringPrintf("%s/misc_de/%u", BuildDataPath("").c_str(), userId);
}
// Keep in sync with installd (frameworks/native/cmds/installd/utils.h)
std::string BuildDataProfilesDePath(userid_t userId) {
- return StringPrintf("%s/misc/profiles/cur/%u", BuildDataPath(nullptr).c_str(), userId);
+ return StringPrintf("%s/misc/profiles/cur/%u", BuildDataPath("").c_str(), userId);
}
-std::string BuildDataPath(const char* volumeUuid) {
+std::string BuildDataPath(const std::string& volumeUuid) {
// TODO: unify with installd path generation logic
- if (volumeUuid == nullptr) {
+ if (volumeUuid.empty()) {
return "/data";
} else {
CHECK(isValidFilename(volumeUuid));
- return StringPrintf("/mnt/expand/%s", volumeUuid);
+ return StringPrintf("/mnt/expand/%s", volumeUuid.c_str());
}
}
-std::string BuildDataMediaCePath(const char* volumeUuid, userid_t userId) {
+std::string BuildDataMediaCePath(const std::string& volumeUuid, userid_t userId) {
// TODO: unify with installd path generation logic
std::string data(BuildDataPath(volumeUuid));
return StringPrintf("%s/media/%u", data.c_str(), userId);
}
-std::string BuildDataUserCePath(const char* volumeUuid, userid_t userId) {
+std::string BuildDataUserCePath(const std::string& volumeUuid, userid_t userId) {
// TODO: unify with installd path generation logic
std::string data(BuildDataPath(volumeUuid));
- if (volumeUuid == nullptr && userId == 0) {
+ if (volumeUuid.empty() && userId == 0) {
std::string legacy = StringPrintf("%s/data", data.c_str());
struct stat sb;
if (lstat(legacy.c_str(), &sb) == 0 && S_ISDIR(sb.st_mode)) {
@@ -643,7 +643,7 @@
return StringPrintf("%s/user/%u", data.c_str(), userId);
}
-std::string BuildDataUserDePath(const char* volumeUuid, userid_t userId) {
+std::string BuildDataUserDePath(const std::string& volumeUuid, userid_t userId) {
// TODO: unify with installd path generation logic
std::string data(BuildDataPath(volumeUuid));
return StringPrintf("%s/user_de/%u", data.c_str(), userId);
diff --git a/Utils.h b/Utils.h
index 4e2be96..8d09ddf 100644
--- a/Utils.h
+++ b/Utils.h
@@ -103,10 +103,10 @@
std::string BuildDataMiscDePath(userid_t userid);
std::string BuildDataProfilesDePath(userid_t userid);
-std::string BuildDataPath(const char* volumeUuid);
-std::string BuildDataMediaCePath(const char* volumeUuid, userid_t userid);
-std::string BuildDataUserCePath(const char* volumeUuid, userid_t userid);
-std::string BuildDataUserDePath(const char* volumeUuid, userid_t userid);
+std::string BuildDataPath(const std::string& volumeUuid);
+std::string BuildDataMediaCePath(const std::string& volumeUuid, userid_t userid);
+std::string BuildDataUserCePath(const std::string& volumeUuid, userid_t userid);
+std::string BuildDataUserDePath(const std::string& volumeUuid, userid_t userid);
dev_t GetDevice(const std::string& path);
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index 049f5ba..6fb1731 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -32,6 +32,7 @@
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
+#include <ext4_utils/ext4_crypt.h>
#include <fs_mgr.h>
#include <private/android_filesystem_config.h>
#include <utils/Trace.h>
@@ -666,7 +667,7 @@
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_CRYPT_LOCK;
- return translateBool(e4crypt_add_user_key_auth(userId, userSerial, token.c_str(), secret.c_str()));
+ return translateBool(e4crypt_add_user_key_auth(userId, userSerial, token, secret));
}
binder::Status VoldNativeService::fixateNewestUserKeyAuth(int32_t userId) {
@@ -681,7 +682,7 @@
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_CRYPT_LOCK;
- return translateBool(e4crypt_unlock_user_key(userId, userSerial, token.c_str(), secret.c_str()));
+ return translateBool(e4crypt_unlock_user_key(userId, userSerial, token, secret));
}
binder::Status VoldNativeService::lockUserKey(int32_t userId) {
@@ -696,7 +697,8 @@
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_CRYPT_LOCK;
- const char* uuid_ = uuid ? uuid->c_str() : nullptr;
+ std::string empty_string = "";
+ auto uuid_ = uuid ? *uuid : empty_string;
return translateBool(e4crypt_prepare_user_storage(uuid_, userId, userSerial, flags));
}
@@ -705,7 +707,8 @@
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_CRYPT_LOCK;
- const char* uuid_ = uuid ? uuid->c_str() : nullptr;
+ std::string empty_string = "";
+ auto uuid_ = uuid ? *uuid : empty_string;
return translateBool(e4crypt_destroy_user_storage(uuid_, userId, flags));
}
@@ -713,7 +716,7 @@
ENFORCE_UID(AID_SYSTEM);
ACQUIRE_CRYPT_LOCK;
- return translateBool(e4crypt_secdiscard(path.c_str()));
+ return translateBool(e4crypt_secdiscard(path));
}
} // namespace vold
diff --git a/cryptfs.cpp b/cryptfs.cpp
index 2574e39..08a3d16 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -38,6 +38,7 @@
#include <openssl/evp.h>
#include <openssl/sha.h>
#include <errno.h>
+#include <ext4_utils/ext4_crypt.h>
#include <ext4_utils/ext4_utils.h>
#include <linux/kdev_t.h>
#include <fs_mgr.h>
diff --git a/fs/Ext4.cpp b/fs/Ext4.cpp
index 0cf4f9e..1898155 100644
--- a/fs/Ext4.cpp
+++ b/fs/Ext4.cpp
@@ -42,6 +42,7 @@
#include <android-base/stringprintf.h>
#include <cutils/log.h>
#include <cutils/properties.h>
+#include <ext4_utils/ext4_crypt.h>
#include <logwrap/logwrap.h>
#include <selinux/selinux.h>
diff --git a/model/Disk.cpp b/model/Disk.cpp
index c889a35..5b0c981 100644
--- a/model/Disk.cpp
+++ b/model/Disk.cpp
@@ -23,10 +23,11 @@
#include "Ext4Crypt.h"
#include <android-base/file.h>
+#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/stringprintf.h>
-#include <android-base/logging.h>
#include <diskconfig/diskconfig.h>
+#include <ext4_utils/ext4_crypt.h>
#include <vector>
#include <fcntl.h>
diff --git a/secontext.h b/secontext.h
index 08ad48e..f5339c8 100644
--- a/secontext.h
+++ b/secontext.h
@@ -18,8 +18,6 @@
#include <selinux/selinux.h>
-__BEGIN_DECLS
security_context_t secontextFsck();
-__END_DECLS
#endif