Merge changes Icdff584e,I71fd98e6,If1e9e3ad,I05bc4dc9 am: 017e95fa6a am: 078a507c43
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1887522
Change-Id: I6e2144b19a38d838595729b932d7bd3a9110b87e
diff --git a/Android.bp b/Android.bp
index 35f74bf..4750d1a 100644
--- a/Android.bp
+++ b/Android.bp
@@ -41,7 +41,6 @@
"libfec_rs",
"libfs_avb",
"libfs_mgr",
- "libscrypt_static",
"libsquashfs_utils",
"libvold_binder",
],
@@ -130,7 +129,6 @@
"NetlinkHandler.cpp",
"NetlinkManager.cpp",
"Process.cpp",
- "ScryptParameters.cpp",
"Utils.cpp",
"VoldNativeService.cpp",
"VoldNativeServiceValidation.cpp",
@@ -235,7 +233,6 @@
static_libs: [
"libvold_binder",
],
- init_rc: ["vdc.rc"],
}
cc_binary {
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 0ced145..3ede67e 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -18,7 +18,6 @@
#include "Checkpoint.h"
#include "Keystore.h"
-#include "ScryptParameters.h"
#include "Utils.h"
#include <algorithm>
@@ -45,11 +44,6 @@
#include <cutils/properties.h>
-extern "C" {
-
-#include "crypto_scrypt.h"
-}
-
namespace android {
namespace vold {
diff --git a/ScryptParameters.cpp b/ScryptParameters.cpp
deleted file mode 100644
index f5a964f..0000000
--- a/ScryptParameters.cpp
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "ScryptParameters.h"
-
-#include <stdlib.h>
-#include <string.h>
-
-bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf) {
- int params[3] = {};
- char* token;
- char* saveptr;
- int i;
-
- /*
- * The token we're looking for should be three integers separated by
- * colons (e.g., "12:8:1"). Scan the property to make sure it matches.
- */
- for (i = 0, token = strtok_r(const_cast<char*>(paramstr), ":", &saveptr);
- token != nullptr && i < 3; i++, token = strtok_r(nullptr, ":", &saveptr)) {
- char* endptr;
- params[i] = strtol(token, &endptr, 10);
-
- /*
- * Check that there was a valid number and it's 8-bit.
- */
- if ((*token == '\0') || (*endptr != '\0') || params[i] < 0 || params[i] > 255) {
- return false;
- }
- }
- if (token != nullptr) {
- return false;
- }
- *Nf = params[0];
- *rf = params[1];
- *pf = params[2];
- return true;
-}
diff --git a/ScryptParameters.h b/ScryptParameters.h
deleted file mode 100644
index edb80cc..0000000
--- a/ScryptParameters.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef ANDROID_VOLD_SCRYPT_PARAMETERS_H
-#define ANDROID_VOLD_SCRYPT_PARAMETERS_H
-
-#include <stdbool.h>
-#include <sys/cdefs.h>
-
-#define SCRYPT_PROP "ro.crypto.scrypt_params"
-#define SCRYPT_DEFAULTS "15:3:1"
-
-bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf);
-
-#endif
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index 415e48d..8c9cc16 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -26,7 +26,6 @@
#include <utils/Trace.h>
#include <stdio.h>
-#include <sys/vfs.h>
#include <fstream>
#include <thread>
@@ -912,42 +911,10 @@
incfs::features();
}
-// This is missing from the kernel UAPI headers.
-#define ST_RDONLY 0x0001
-
-// FDE devices run the post-fs-data trigger (and hence also earlyBootEnded)
-// multiple times, sometimes prior to the real /data being mounted. That causes
-// keystore2 to try to open a file in /data, causing it to panic or have to be
-// killed by vold later, causing problems (vold failing to connect to keystore2,
-// or keystore2 operations erroring out later). As a workaround to keep FDE
-// working, ignore these too-early calls to earlyBootEnded.
-//
-// This can be removed when support for FDE is removed.
-static bool IgnoreEarlyBootEnded() {
- // The statfs("/data") below should be sufficient by itself, but to be safe
- // we also explicitly return false on FBE devices. (This really should be
- // ro.crypto.type != "block" for "non-FDE devices", but on FDE devices this
- // is sometimes called before ro.crypto.type gets set.)
- if (fscrypt_is_native()) return false;
-
- struct statfs buf;
- if (statfs(DATA_MNT_POINT, &buf) != 0) {
- PLOG(ERROR) << "statfs(\"/data\") failed";
- return false;
- }
- if (buf.f_type == TMPFS_MAGIC || (buf.f_flags & ST_RDONLY)) {
- LOG(INFO) << "Ignoring earlyBootEnded since real /data isn't mounted yet";
- return true;
- }
- return false;
-}
-
binder::Status VoldNativeService::earlyBootEnded() {
ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_LOCK;
- if (IgnoreEarlyBootEnded()) return Ok();
-
initializeIncFs();
Keystore::earlyBootEnded();
return Ok();
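Review bot: `earlyBootEnded()` now forwards every call straight to `Keystore::earlyBootEnded()`, with nothing left to reject a call made before the real /data is mounted. The removed `IgnoreEarlyBootEnded()` returned early only when `fscrypt_is_native()` was true, so its statfs check (tmpfs or read-only /data) covered every non-FBE device, not only FDE ones. If unencrypted or tmpfs-/data configurations are still supported, confirm that none of them can reach this call too early, since the removed comment ties that to keystore2 failures. I would record the new assumption above the function, e.g. `// Assumes the real /data is already mounted; the FDE-era early-call guard was removed.` The function's closing brace lies outside the hunk.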
diff --git a/cryptfs.h b/cryptfs.h
index 1cae5b7..e166f49 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -22,10 +22,6 @@
#include "KeyBuffer.h"
#include "KeyUtil.h"
-// TODO(b/191796797): remove this once it is no longer referenced by system/core
-// and bootable/recovery.
-#define CRYPT_FOOTER_OFFSET 0x4000
-
int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
const android::vold::KeyBuffer& key, std::string* out_crypto_blkdev);
const android::vold::KeyGeneration cryptfs_get_keygen();
diff --git a/vdc.rc b/vdc.rc
deleted file mode 100644
index f2a8076..0000000
--- a/vdc.rc
+++ /dev/null
@@ -1,12 +0,0 @@
-# One shot invocation to deal with encrypted volume.
-on defaultcrypto
- exec - root -- /system/bin/vdc --wait cryptfs mountdefaultencrypted
- # vold will set vold.decrypt to trigger_restart_framework (default
- # encryption) or trigger_restart_min_framework (other encryption)
-
-# One shot invocation to encrypt unencrypted volumes
-on encrypt
- start surfaceflinger
- exec - root -- /system/bin/vdc --wait cryptfs enablecrypto
- # vold will set vold.decrypt to trigger_restart_framework (default
- # encryption)