cryptfs: Remove Speck support
am: 17059fe53b
Change-Id: I86d4cc91776ba8c2653d14d609403ab98e98ba64
diff --git a/Utils.cpp b/Utils.cpp
index 98e8a9b..002af03 100644
--- a/Utils.cpp
+++ b/Utils.cpp
@@ -545,9 +545,7 @@
PLOG(WARNING) << "Failed to open " << path;
return -1;
} else {
- uint64_t res = calculate_dir_size(dirfd);
- close(dirfd);
- return res;
+ return calculate_dir_size(dirfd);
}
}
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index 8c32587..21e132a 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -624,7 +624,8 @@
while ((mentry = getmntent(fp)) != NULL) {
auto test = std::string(mentry->mnt_dir);
if ((android::base::StartsWith(test, "/mnt/") &&
- !android::base::StartsWith(test, "/mnt/vendor")) ||
+ !android::base::StartsWith(test, "/mnt/vendor") &&
+ !android::base::StartsWith(test, "/mnt/product")) ||
android::base::StartsWith(test, "/storage/")) {
toUnmount.push_front(test);
}
diff --git a/cryptfs.cpp b/cryptfs.cpp
index c5024ae..c4274ed 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -20,49 +20,54 @@
*
*/
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <sys/stat.h>
-#include <ctype.h>
-#include <fcntl.h>
-#include <inttypes.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <sys/ioctl.h>
-#include <linux/dm-ioctl.h>
-#include <libgen.h>
-#include <stdlib.h>
-#include <sys/param.h>
-#include <string.h>
-#include <sys/mount.h>
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-#include <errno.h>
+#define LOG_TAG "Cryptfs"
+
+#include "cryptfs.h"
+
+#include "EncryptInplace.h"
+#include "Ext4Crypt.h"
+#include "Keymaster.h"
+#include "Process.h"
+#include "ScryptParameters.h"
+#include "VoldUtil.h"
+#include "VolumeManager.h"
+#include "secontext.h"
+
+#include <android-base/properties.h>
+#include <bootloader_message/bootloader_message.h>
+#include <cutils/android_reboot.h>
+#include <cutils/properties.h>
#include <ext4_utils/ext4_crypt.h>
#include <ext4_utils/ext4_utils.h>
-#include <linux/kdev_t.h>
+#include <f2fs_sparseblock.h>
#include <fs_mgr.h>
-#include <time.h>
-#include <math.h>
-#include <selinux/selinux.h>
-#include "cryptfs.h"
-#include "secontext.h"
-#define LOG_TAG "Cryptfs"
-#include "cutils/log.h"
-#include "cutils/properties.h"
-#include "cutils/android_reboot.h"
-#include "hardware_legacy/power.h"
+#include <hardware_legacy/power.h>
+#include <log/log.h>
#include <logwrap/logwrap.h>
-#include "ScryptParameters.h"
-#include "VolumeManager.h"
-#include "VoldUtil.h"
-#include "Ext4Crypt.h"
-#include "f2fs_sparseblock.h"
-#include "EncryptInplace.h"
-#include "Process.h"
-#include "Keymaster.h"
-#include "android-base/properties.h"
-#include <bootloader_message/bootloader_message.h>
+#include <openssl/evp.h>
+#include <openssl/sha.h>
+#include <selinux/selinux.h>
+
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <libgen.h>
+#include <linux/dm-ioctl.h>
+#include <linux/kdev_t.h>
+#include <math.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/ioctl.h>
+#include <sys/mount.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <time.h>
+#include <unistd.h>
+
extern "C" {
#include <crypto_scrypt.h>
}
@@ -1598,7 +1603,9 @@
property_get("ro.crypto.readonly", ro_prop, "");
if (strlen(ro_prop) > 0 && std::stoi(ro_prop)) {
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
- rec->flags |= MS_RDONLY;
+ if (rec) {
+ rec->flags |= MS_RDONLY;
+ }
}
/* If that succeeded, then mount the decrypted filesystem */
@@ -2939,5 +2946,5 @@
int cryptfs_isConvertibleToFBE()
{
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
- return fs_mgr_is_convertible_to_fbe(rec) ? 1 : 0;
+ return (rec && fs_mgr_is_convertible_to_fbe(rec)) ? 1 : 0;
}
diff --git a/cryptfs.h b/cryptfs.h
index d6c7dc5..dc7a8c3 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -29,8 +29,10 @@
* partition.
*/
+#include <linux/types.h>
#include <stdbool.h>
#include <stdint.h>
+
#include <cutils/properties.h>
/* The current cryptfs version */
diff --git a/fs/Ext4.cpp b/fs/Ext4.cpp
index 89b8414..717c8b7 100644
--- a/fs/Ext4.cpp
+++ b/fs/Ext4.cpp
@@ -35,12 +35,9 @@
#include <linux/kdev_t.h>
-#define LOG_TAG "Vold"
-
#include <android-base/logging.h>
#include <android-base/properties.h>
#include <android-base/stringprintf.h>
-#include <cutils/log.h>
#include <cutils/properties.h>
#include <ext4_utils/ext4_crypt.h>
#include <logwrap/logwrap.h>
@@ -102,7 +99,8 @@
if (result == 0) {
break;
}
- ALOGW("%s(): umount(%s)=%d: %s\n", __func__, c_target, result, strerror(errno));
+ LOG(WARNING) << __func__ << "(): umount(" << c_target << ")=" << result << ": "
+ << strerror(errno);
sleep(1);
}
}
@@ -112,10 +110,10 @@
* (e.g. recent SDK system images). Detect these and skip the check.
*/
if (access(kFsckPath, X_OK)) {
- ALOGD("Not running %s on %s (executable not in system image)\n",
- kFsckPath, c_source);
+ LOG(DEBUG) << "Not running " << kFsckPath << " on " << c_source
+ << " (executable not in system image)";
} else {
- ALOGD("Running %s on %s\n", kFsckPath, c_source);
+ LOG(DEBUG) << "Running " << kFsckPath << " on " << c_source;
std::vector<std::string> cmd;
cmd.push_back(kFsckPath);
diff --git a/fs/Vfat.cpp b/fs/Vfat.cpp
index 538178e..9873fd4 100644
--- a/fs/Vfat.cpp
+++ b/fs/Vfat.cpp
@@ -159,12 +159,8 @@
status_t Format(const std::string& source, unsigned long numSectors) {
std::vector<std::string> cmd;
cmd.push_back(kMkfsPath);
- cmd.push_back("-F");
- cmd.push_back("32");
cmd.push_back("-O");
cmd.push_back("android");
- cmd.push_back("-c");
- cmd.push_back("64");
cmd.push_back("-A");
if (numSectors) {
diff --git a/model/Disk.cpp b/model/Disk.cpp
index d7b19ac..781d3e9 100644
--- a/model/Disk.cpp
+++ b/model/Disk.cpp
@@ -76,6 +76,8 @@
static const unsigned int kMajorBlockMmc = 179;
static const unsigned int kMajorBlockExperimentalMin = 240;
static const unsigned int kMajorBlockExperimentalMax = 254;
+static const unsigned int kMajorBlockDynamicMin = 234;
+static const unsigned int kMajorBlockDynamicMax = 512;
static const char* kGptBasicData = "EBD0A0A2-B9E5-4433-87C0-68B6B72699C7";
static const char* kGptAndroidMeta = "19A710A2-B3CA-11E4-B026-10604B889DCF";
@@ -114,6 +116,12 @@
&& major <= kMajorBlockExperimentalMax;
}
+static bool isNvmeBlkDevice(unsigned int major, const std::string& sysPath) {
+ return sysPath.find("nvme") != std::string::npos
+ && major >= kMajorBlockDynamicMin
+ && major <= kMajorBlockDynamicMax;
+}
+
Disk::Disk(const std::string& eventPath, dev_t device,
const std::string& nickname, int flags) :
mDevice(device), mSize(-1), mNickname(nickname), mFlags(flags), mCreated(
@@ -292,6 +300,16 @@
mLabel = "Virtual";
break;
}
+ if (isNvmeBlkDevice(majorId, mSysPath)) {
+ std::string path(mSysPath + "/device/model");
+ std::string tmp;
+ if (!ReadFileToString(path, &tmp)) {
+ PLOG(WARNING) << "Failed to read vendor from " << path;
+ return -errno;
+ }
+ mLabel = tmp;
+ break;
+ }
LOG(WARNING) << "Unsupported block major type " << majorId;
return -ENOTSUP;
}
@@ -576,6 +594,13 @@
// 2^4 - 1 = 15
return 15;
}
+ if (isNvmeBlkDevice(majorId, mSysPath)) {
+ // despite kernel nvme driver supports up to 1M minors,
+ // #define NVME_MINORS (1U << MINORBITS)
+ // sgdisk can not support more than 127 partitions, due to
+ // #define MAX_MBR_PARTS 128
+ return 127;
+ }
}
}
diff --git a/model/EmulatedVolume.cpp b/model/EmulatedVolume.cpp
index 31c3924..6e1ffce 100644
--- a/model/EmulatedVolume.cpp
+++ b/model/EmulatedVolume.cpp
@@ -114,8 +114,8 @@
}
}
/* sdcardfs will have exited already. FUSE will still be running */
- if (TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, WNOHANG)) == mFusePid)
- mFusePid = 0;
+ TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, 0));
+ mFusePid = 0;
return OK;
}
@@ -130,12 +130,6 @@
ForceUnmount(mFuseRead);
ForceUnmount(mFuseWrite);
- if (mFusePid > 0) {
- kill(mFusePid, SIGTERM);
- TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, 0));
- mFusePid = 0;
- }
-
rmdir(mFuseDefault.c_str());
rmdir(mFuseRead.c_str());
rmdir(mFuseWrite.c_str());
diff --git a/model/PublicVolume.cpp b/model/PublicVolume.cpp
index fc7e96f..9f2ed85 100644
--- a/model/PublicVolume.cpp
+++ b/model/PublicVolume.cpp
@@ -211,8 +211,8 @@
}
}
/* sdcardfs will have exited already. FUSE will still be running */
- if (TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, WNOHANG)) == mFusePid)
- mFusePid = 0;
+ TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, 0));
+ mFusePid = 0;
return OK;
}
@@ -231,12 +231,6 @@
ForceUnmount(mFuseWrite);
ForceUnmount(mRawPath);
- if (mFusePid > 0) {
- kill(mFusePid, SIGTERM);
- TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, 0));
- mFusePid = 0;
- }
-
rmdir(mFuseDefault.c_str());
rmdir(mFuseRead.c_str());
rmdir(mFuseWrite.c_str());
diff --git a/secdiscard.cpp b/secdiscard.cpp
index f9532ea..60834e8 100644
--- a/secdiscard.cpp
+++ b/secdiscard.cpp
@@ -57,7 +57,33 @@
usage(argv[0]);
return -1;
}
+
for (auto const &target: options.targets) {
+// F2FS-specific ioctl
+// It requires the below kernel commit merged in v4.16-rc1.
+// 1ad71a27124c ("f2fs: add an ioctl to disable GC for specific file")
+// In android-4.4,
+// 56ee1e817908 ("f2fs: updates on v4.16-rc1")
+// In android-4.9,
+// 2f17e34672a8 ("f2fs: updates on v4.16-rc1")
+// In android-4.14,
+// ce767d9a55bc ("f2fs: updates on v4.16-rc1")
+#ifndef F2FS_IOC_SET_PIN_FILE
+#ifndef F2FS_IOCTL_MAGIC
+#define F2FS_IOCTL_MAGIC 0xf5
+#endif
+#define F2FS_IOC_SET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 13, __u32)
+#define F2FS_IOC_GET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 14, __u32)
+#endif
+ android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(
+ target.c_str(), O_WRONLY, 0)));
+ if (fd == -1) {
+ LOG(ERROR) << "Secure discard open failed for: " << target;
+ return 0;
+ }
+ __u32 set = 1;
+ ioctl(fd, F2FS_IOC_SET_PIN_FILE, &set);
+
LOG(DEBUG) << "Securely discarding '" << target << "' unlink=" << options.unlink;
if (!secdiscard_path(target)) {
LOG(ERROR) << "Secure discard failed for: " << target;
@@ -67,6 +93,8 @@
PLOG(ERROR) << "Unable to unlink: " << target;
}
}
+ set = 0;
+ ioctl(fd, F2FS_IOC_SET_PIN_FILE, &set);
LOG(DEBUG) << "Discarded: " << target;
}
return 0;