am eb0c05ce: Merge "Break key installation into its own function so we can install non-master keys."
* commit 'eb0c05ced4264f095b309b17f56babf49b3696dd':
Break key installation into its own function so we can install non-master keys.
diff --git a/Android.mk b/Android.mk
index 4052b7d..eb18a6f 100644
--- a/Android.mk
+++ b/Android.mk
@@ -6,8 +6,6 @@
VoldCommand.cpp \
NetlinkManager.cpp \
NetlinkHandler.cpp \
- Volume.cpp \
- DirectVolume.cpp \
Process.cpp \
Ext4.cpp \
Fat.cpp \
@@ -18,7 +16,14 @@
Ext4Crypt.cpp \
VoldUtil.c \
fstrim.c \
- cryptfs.c
+ cryptfs.c \
+ Disk.cpp \
+ VolumeBase.cpp \
+ PublicVolume.cpp \
+ PrivateVolume.cpp \
+ EmulatedVolume.cpp \
+ Utils.cpp \
+ MoveTask.cpp \
common_c_includes := \
system/extras/ext4_utils \
@@ -43,7 +48,8 @@
libselinux \
libutils \
libhardware \
- libsoftkeymaster
+ libsoftkeymaster \
+ libbase \
common_static_libraries := \
libfs_mgr \
@@ -53,7 +59,7 @@
libbatteryservice
vold_conlyflags := -std=c11
-vold_cflags := -Werror -Wall -Wno-missing-field-initializers
+vold_cflags := -Werror -Wall -Wno-missing-field-initializers -Wno-unused-variable -Wno-unused-parameter
include $(CLEAR_VARS)
diff --git a/CommandListener.cpp b/CommandListener.cpp
index 73a26e4..11eec02 100644
--- a/CommandListener.cpp
+++ b/CommandListener.cpp
@@ -34,12 +34,14 @@
#include "CommandListener.h"
#include "VolumeManager.h"
+#include "VolumeBase.h"
#include "ResponseCode.h"
#include "Process.h"
#include "Loop.h"
#include "Devmapper.h"
#include "cryptfs.h"
#include "fstrim.h"
+#include "MoveTask.h"
#define DUMP_ARGS 0
@@ -86,6 +88,14 @@
void CommandListener::dumpArgs(int /*argc*/, char ** /*argv*/, int /*argObscure*/) { }
#endif
+int CommandListener::sendGenericOkFail(SocketClient *cli, int cond) {
+ if (!cond) {
+ return cli->sendMsg(ResponseCode::CommandOkay, "Command succeeded", false);
+ } else {
+ return cli->sendMsg(ResponseCode::OperationFailed, "Command failed", false);
+ }
+}
+
CommandListener::DumpCmd::DumpCmd() :
VoldCommand("dump") {
}
@@ -129,99 +139,108 @@
}
VolumeManager *vm = VolumeManager::Instance();
- int rc = 0;
+ std::lock_guard<std::mutex> lock(vm->getLock());
- if (!strcmp(argv[1], "list")) {
- bool broadcast = argc >= 3 && !strcmp(argv[2], "broadcast");
- return vm->listVolumes(cli, broadcast);
- } else if (!strcmp(argv[1], "debug")) {
- if (argc != 3 || (argc == 3 && (strcmp(argv[2], "off") && strcmp(argv[2], "on")))) {
- cli->sendMsg(ResponseCode::CommandSyntaxError, "Usage: volume debug <off/on>", false);
- return 0;
- }
- vm->setDebug(!strcmp(argv[2], "on") ? true : false);
- } else if (!strcmp(argv[1], "mount")) {
- if (argc != 3) {
- cli->sendMsg(ResponseCode::CommandSyntaxError, "Usage: volume mount <path>", false);
- return 0;
- }
- rc = vm->mountVolume(argv[2]);
- } else if (!strcmp(argv[1], "unmount")) {
- if (argc < 3 || argc > 4 ||
- ((argc == 4 && strcmp(argv[3], "force")) &&
- (argc == 4 && strcmp(argv[3], "force_and_revert")))) {
- cli->sendMsg(ResponseCode::CommandSyntaxError, "Usage: volume unmount <path> [force|force_and_revert]", false);
- return 0;
+ // TODO: tease out methods not directly related to volumes
+
+ std::string cmd(argv[1]);
+ if (cmd == "reset") {
+ return sendGenericOkFail(cli, vm->reset());
+
+ } else if (cmd == "shutdown") {
+ return sendGenericOkFail(cli, vm->shutdown());
+
+ } else if (cmd == "debug") {
+ return sendGenericOkFail(cli, vm->setDebug(true));
+
+ } else if (cmd == "partition" && argc > 3) {
+ // partition [diskId] [public|private|mixed] [ratio]
+ std::string id(argv[2]);
+ auto disk = vm->findDisk(id);
+ if (disk == nullptr) {
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown disk", false);
}
- bool force = false;
- bool revert = false;
- if (argc >= 4 && !strcmp(argv[3], "force")) {
- force = true;
- } else if (argc >= 4 && !strcmp(argv[3], "force_and_revert")) {
- force = true;
- revert = true;
- }
- rc = vm->unmountVolume(argv[2], force, revert);
- } else if (!strcmp(argv[1], "format")) {
- if (argc < 3 || argc > 4 ||
- (argc == 4 && strcmp(argv[3], "wipe"))) {
- cli->sendMsg(ResponseCode::CommandSyntaxError, "Usage: volume format <path> [wipe]", false);
- return 0;
- }
- bool wipe = false;
- if (argc >= 4 && !strcmp(argv[3], "wipe")) {
- wipe = true;
- }
- rc = vm->formatVolume(argv[2], wipe);
- } else if (!strcmp(argv[1], "share")) {
- if (argc != 4) {
- cli->sendMsg(ResponseCode::CommandSyntaxError,
- "Usage: volume share <path> <method>", false);
- return 0;
- }
- rc = vm->shareVolume(argv[2], argv[3]);
- } else if (!strcmp(argv[1], "unshare")) {
- if (argc != 4) {
- cli->sendMsg(ResponseCode::CommandSyntaxError,
- "Usage: volume unshare <path> <method>", false);
- return 0;
- }
- rc = vm->unshareVolume(argv[2], argv[3]);
- } else if (!strcmp(argv[1], "shared")) {
- bool enabled = false;
- if (argc != 4) {
- cli->sendMsg(ResponseCode::CommandSyntaxError,
- "Usage: volume shared <path> <method>", false);
- return 0;
- }
-
- if (vm->shareEnabled(argv[2], argv[3], &enabled)) {
- cli->sendMsg(
- ResponseCode::OperationFailed, "Failed to determine share enable state", true);
+ std::string type(argv[3]);
+ if (type == "public") {
+ return sendGenericOkFail(cli, disk->partitionPublic());
+ } else if (type == "private") {
+ return sendGenericOkFail(cli, disk->partitionPrivate());
+ } else if (type == "mixed") {
+ if (argc < 4) {
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, nullptr, false);
+ }
+ int frac = atoi(argv[4]);
+ return sendGenericOkFail(cli, disk->partitionMixed(frac));
} else {
- cli->sendMsg(ResponseCode::ShareEnabledResult,
- (enabled ? "Share enabled" : "Share disabled"), false);
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, nullptr, false);
}
- return 0;
- } else if (!strcmp(argv[1], "mkdirs")) {
- if (argc != 3) {
- cli->sendMsg(ResponseCode::CommandSyntaxError, "Usage: volume mkdirs <path>", false);
- return 0;
+
+ } else if (cmd == "mkdirs" && argc > 2) {
+ // mkdirs [path]
+ return sendGenericOkFail(cli, vm->mkdirs(argv[2]));
+
+ } else if (cmd == "start_user" && argc > 2) {
+ // start_user [user]
+ return sendGenericOkFail(cli, vm->startUser(atoi(argv[2])));
+
+ } else if (cmd == "cleanup_user" && argc > 2) {
+ // cleanup_user [user]
+ return sendGenericOkFail(cli, vm->cleanupUser(atoi(argv[2])));
+
+ } else if (cmd == "mount" && argc > 2) {
+ // mount [volId] [flags] [user]
+ std::string id(argv[2]);
+ auto vol = vm->findVolume(id);
+ if (vol == nullptr) {
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown volume", false);
}
- rc = vm->mkdirs(argv[2]);
- } else {
- cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown volume cmd", false);
+
+ int mountFlags = (argc > 3) ? atoi(argv[3]) : 0;
+ userid_t mountUserId = (argc > 4) ? atoi(argv[4]) : -1;
+
+ vol->setMountFlags(mountFlags);
+ vol->setMountUserId(mountUserId);
+
+ int res = vol->mount();
+ if (mountFlags & android::vold::VolumeBase::MountFlags::kPrimary) {
+ vm->setPrimary(vol);
+ }
+ return sendGenericOkFail(cli, res);
+
+ } else if (cmd == "unmount" && argc > 2) {
+ // unmount [volId]
+ std::string id(argv[2]);
+ auto vol = vm->findVolume(id);
+ if (vol == nullptr) {
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown volume", false);
+ }
+
+ return sendGenericOkFail(cli, vol->unmount());
+
+ } else if (cmd == "format" && argc > 2) {
+ // format [volId]
+ std::string id(argv[2]);
+ auto vol = vm->findVolume(id);
+ if (vol == nullptr) {
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown volume", false);
+ }
+
+ return sendGenericOkFail(cli, vol->format());
+
+ } else if (cmd == "move_storage" && argc > 3) {
+ // move_storage [fromVolId] [toVolId]
+ auto fromVol = vm->findVolume(std::string(argv[2]));
+ auto toVol = vm->findVolume(std::string(argv[3]));
+ if (fromVol == nullptr || toVol == nullptr) {
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown volume", false);
+ }
+
+ (new android::vold::MoveTask(fromVol, toVol))->start();
+ return sendGenericOkFail(cli, 0);
}
- if (!rc) {
- cli->sendMsg(ResponseCode::CommandOkay, "volume operation succeeded", false);
- } else {
- rc = ResponseCode::convertFromErrno();
- cli->sendMsg(rc, "volume operation failed", true);
- }
-
- return 0;
+ return cli->sendMsg(ResponseCode::CommandSyntaxError, nullptr, false);
}
CommandListener::StorageCmd::StorageCmd() :
@@ -346,8 +365,8 @@
if (!strcmp(argv[1], "list")) {
dumpArgs(argc, argv, -1);
- listAsecsInDirectory(cli, Volume::SEC_ASECDIR_EXT);
- listAsecsInDirectory(cli, Volume::SEC_ASECDIR_INT);
+ listAsecsInDirectory(cli, VolumeManager::SEC_ASECDIR_EXT);
+ listAsecsInDirectory(cli, VolumeManager::SEC_ASECDIR_INT);
} else if (!strcmp(argv[1], "create")) {
dumpArgs(argc, argv, 5);
if (argc != 8) {
@@ -616,7 +635,7 @@
if (rc == 0) {
break;
} else if (tries == 0) {
- Process::killProcessesWithOpenFiles(DATA_MNT_POINT, 2);
+ Process::killProcessesWithOpenFiles(DATA_MNT_POINT, SIGKILL);
}
}
} else if (!strcmp(argv[1], "enablefilecrypto")) {
diff --git a/CommandListener.h b/CommandListener.h
index 0bd51d2..8cc1a04 100644
--- a/CommandListener.h
+++ b/CommandListener.h
@@ -18,6 +18,7 @@
#define _COMMANDLISTENER_H__
#include <sysutils/FrameworkListener.h>
+#include <utils/Errors.h>
#include "VoldCommand.h"
class CommandListener : public FrameworkListener {
@@ -27,6 +28,7 @@
private:
static void dumpArgs(int argc, char **argv, int argObscure);
+ static int sendGenericOkFail(SocketClient *cli, int cond);
class DumpCmd : public VoldCommand {
public:
diff --git a/Devmapper.cpp b/Devmapper.cpp
index 703902f..703eade 100644
--- a/Devmapper.cpp
+++ b/Devmapper.cpp
@@ -55,7 +55,7 @@
}
int fd;
- if ((fd = open("/dev/device-mapper", O_RDWR)) < 0) {
+ if ((fd = open("/dev/device-mapper", O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Error opening devmapper (%s)", strerror(errno));
free(buffer);
free(buffer2);
@@ -138,7 +138,7 @@
}
int fd;
- if ((fd = open("/dev/device-mapper", O_RDWR)) < 0) {
+ if ((fd = open("/dev/device-mapper", O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Error opening devmapper (%s)", strerror(errno));
free(buffer);
return -1;
@@ -172,7 +172,7 @@
}
int fd;
- if ((fd = open("/dev/device-mapper", O_RDWR)) < 0) {
+ if ((fd = open("/dev/device-mapper", O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Error opening devmapper (%s)", strerror(errno));
free(buffer);
return -1;
@@ -269,7 +269,7 @@
}
int fd;
- if ((fd = open("/dev/device-mapper", O_RDWR)) < 0) {
+ if ((fd = open("/dev/device-mapper", O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Error opening devmapper (%s)", strerror(errno));
free(buffer);
return -1;
diff --git a/DirectVolume.cpp b/DirectVolume.cpp
deleted file mode 100644
index 64d7744..0000000
--- a/DirectVolume.cpp
+++ /dev/null
@@ -1,512 +0,0 @@
-/*
- * Copyright (C) 2008 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <fnmatch.h>
-
-#include <linux/kdev_t.h>
-
-#define LOG_TAG "DirectVolume"
-
-#include <cutils/log.h>
-#include <sysutils/NetlinkEvent.h>
-
-#include "DirectVolume.h"
-#include "VolumeManager.h"
-#include "ResponseCode.h"
-#include "cryptfs.h"
-
-// #define PARTITION_DEBUG
-
-PathInfo::PathInfo(const char *p)
-{
- warned = false;
- pattern = strdup(p);
-
- if (!strchr(pattern, '*')) {
- patternType = prefix;
- } else {
- patternType = wildcard;
- }
-}
-
-PathInfo::~PathInfo()
-{
- free(pattern);
-}
-
-bool PathInfo::match(const char *path)
-{
- switch (patternType) {
- case prefix:
- {
- bool ret = (strncmp(path, pattern, strlen(pattern)) == 0);
- if (!warned && ret && (strlen(pattern) != strlen(path))) {
- SLOGW("Deprecated implied prefix pattern detected, please use '%s*' instead", pattern);
- warned = true;
- }
- return ret;
- }
- case wildcard:
- return fnmatch(pattern, path, 0) == 0;
- }
- SLOGE("Bad matching type");
- return false;
-}
-
-DirectVolume::DirectVolume(VolumeManager *vm, const fstab_rec* rec, int flags) :
- Volume(vm, rec, flags) {
- mPaths = new PathCollection();
- for (int i = 0; i < MAX_PARTITIONS; i++)
- mPartMinors[i] = -1;
- mPendingPartCount = 0;
- mDiskMajor = -1;
- mDiskMinor = -1;
- mDiskNumParts = 0;
- mIsDecrypted = 0;
-
- if (strcmp(rec->mount_point, "auto") != 0) {
- ALOGE("Vold managed volumes must have auto mount point; ignoring %s",
- rec->mount_point);
- }
-
- char mount[PATH_MAX];
-
- snprintf(mount, PATH_MAX, "%s/%s", Volume::MEDIA_DIR, rec->label);
- mMountpoint = strdup(mount);
- snprintf(mount, PATH_MAX, "%s/%s", Volume::FUSE_DIR, rec->label);
- mFuseMountpoint = strdup(mount);
-
- setState(Volume::State_NoMedia);
-}
-
-DirectVolume::~DirectVolume() {
- PathCollection::iterator it;
-
- for (it = mPaths->begin(); it != mPaths->end(); ++it)
- delete *it;
- delete mPaths;
-}
-
-int DirectVolume::addPath(const char *path) {
- mPaths->push_back(new PathInfo(path));
- return 0;
-}
-
-dev_t DirectVolume::getDiskDevice() {
- return MKDEV(mDiskMajor, mDiskMinor);
-}
-
-dev_t DirectVolume::getShareDevice() {
- if (mPartIdx != -1) {
- return MKDEV(mDiskMajor, mPartIdx);
- } else {
- return MKDEV(mDiskMajor, mDiskMinor);
- }
-}
-
-void DirectVolume::handleVolumeShared() {
- setState(Volume::State_Shared);
-}
-
-void DirectVolume::handleVolumeUnshared() {
- setState(Volume::State_Idle);
-}
-
-int DirectVolume::handleBlockEvent(NetlinkEvent *evt) {
- const char *dp = evt->findParam("DEVPATH");
-
- PathCollection::iterator it;
- for (it = mPaths->begin(); it != mPaths->end(); ++it) {
- if ((*it)->match(dp)) {
- /* We can handle this disk */
- int action = evt->getAction();
- const char *devtype = evt->findParam("DEVTYPE");
-
- if (action == NetlinkEvent::NlActionAdd) {
- int major = atoi(evt->findParam("MAJOR"));
- int minor = atoi(evt->findParam("MINOR"));
- char nodepath[255];
-
- snprintf(nodepath,
- sizeof(nodepath), "/dev/block/vold/%d:%d",
- major, minor);
- if (createDeviceNode(nodepath, major, minor)) {
- SLOGE("Error making device node '%s' (%s)", nodepath,
- strerror(errno));
- }
- if (!strcmp(devtype, "disk")) {
- handleDiskAdded(dp, evt);
- } else {
- handlePartitionAdded(dp, evt);
- }
- /* Send notification iff disk is ready (ie all partitions found) */
- if (getState() == Volume::State_Idle) {
- char msg[255];
-
- snprintf(msg, sizeof(msg),
- "Volume %s %s disk inserted (%d:%d)", getLabel(),
- getFuseMountpoint(), mDiskMajor, mDiskMinor);
- mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeDiskInserted,
- msg, false);
- }
- } else if (action == NetlinkEvent::NlActionRemove) {
- if (!strcmp(devtype, "disk")) {
- handleDiskRemoved(dp, evt);
- } else {
- handlePartitionRemoved(dp, evt);
- }
- } else if (action == NetlinkEvent::NlActionChange) {
- if (!strcmp(devtype, "disk")) {
- handleDiskChanged(dp, evt);
- } else {
- handlePartitionChanged(dp, evt);
- }
- } else {
- SLOGW("Ignoring non add/remove/change event");
- }
-
- return 0;
- }
- }
- errno = ENODEV;
- return -1;
-}
-
-void DirectVolume::handleDiskAdded(const char * /*devpath*/,
- NetlinkEvent *evt) {
- mDiskMajor = atoi(evt->findParam("MAJOR"));
- mDiskMinor = atoi(evt->findParam("MINOR"));
-
- const char *tmp = evt->findParam("NPARTS");
- if (tmp) {
- mDiskNumParts = atoi(tmp);
- } else {
- SLOGW("Kernel block uevent missing 'NPARTS'");
- mDiskNumParts = 1;
- }
-
- mPendingPartCount = mDiskNumParts;
- for (int i = 0; i < MAX_PARTITIONS; i++)
- mPartMinors[i] = -1;
-
- if (mDiskNumParts == 0) {
-#ifdef PARTITION_DEBUG
- SLOGD("Dv::diskIns - No partitions - good to go son!");
-#endif
- setState(Volume::State_Idle);
- } else {
-#ifdef PARTITION_DEBUG
- SLOGD("Dv::diskIns - waiting for %d pending partitions", mPendingPartCount);
-#endif
- setState(Volume::State_Pending);
- }
-}
-
-void DirectVolume::handlePartitionAdded(const char *devpath, NetlinkEvent *evt) {
- int major = atoi(evt->findParam("MAJOR"));
- int minor = atoi(evt->findParam("MINOR"));
-
- int part_num;
-
- const char *tmp = evt->findParam("PARTN");
-
- if (tmp) {
- part_num = atoi(tmp);
- } else {
- SLOGW("Kernel block uevent missing 'PARTN'");
- part_num = 1;
- }
-
- if (part_num > MAX_PARTITIONS || part_num < 1) {
- SLOGE("Invalid 'PARTN' value");
- return;
- }
-
- if (part_num > mDiskNumParts) {
- mDiskNumParts = part_num;
- }
-
- if (major != mDiskMajor) {
- SLOGE("Partition '%s' has a different major than its disk!", devpath);
- return;
- }
-#ifdef PARTITION_DEBUG
- SLOGD("Dv:partAdd: part_num = %d, minor = %d\n", part_num, minor);
-#endif
- if (part_num >= MAX_PARTITIONS) {
- SLOGE("Dv:partAdd: ignoring part_num = %d (max: %d)\n", part_num, MAX_PARTITIONS-1);
- } else {
- if ((mPartMinors[part_num - 1] == -1) && mPendingPartCount)
- mPendingPartCount--;
- mPartMinors[part_num -1] = minor;
- }
-
- if (!mPendingPartCount) {
-#ifdef PARTITION_DEBUG
- SLOGD("Dv:partAdd: Got all partitions - ready to rock!");
-#endif
- if (getState() != Volume::State_Formatting) {
- setState(Volume::State_Idle);
- if (mRetryMount == true) {
- mRetryMount = false;
- mountVol();
- }
- }
- } else {
-#ifdef PARTITION_DEBUG
- SLOGD("Dv:partAdd: pending %d disk", mPendingPartCount);
-#endif
- }
-}
-
-void DirectVolume::handleDiskChanged(const char * /*devpath*/,
- NetlinkEvent *evt) {
- int major = atoi(evt->findParam("MAJOR"));
- int minor = atoi(evt->findParam("MINOR"));
-
- if ((major != mDiskMajor) || (minor != mDiskMinor)) {
- return;
- }
-
- SLOGI("Volume %s disk has changed", getLabel());
- const char *tmp = evt->findParam("NPARTS");
- if (tmp) {
- mDiskNumParts = atoi(tmp);
- } else {
- SLOGW("Kernel block uevent missing 'NPARTS'");
- mDiskNumParts = 1;
- }
-
- mPendingPartCount = mDiskNumParts;
- for (int i = 0; i < MAX_PARTITIONS; i++)
- mPartMinors[i] = -1;
-
- if (getState() != Volume::State_Formatting) {
- if (mDiskNumParts == 0) {
- setState(Volume::State_Idle);
- } else {
- setState(Volume::State_Pending);
- }
- }
-}
-
-void DirectVolume::handlePartitionChanged(const char * /*devpath*/,
- NetlinkEvent *evt) {
- int major = atoi(evt->findParam("MAJOR"));
- int minor = atoi(evt->findParam("MINOR"));
- SLOGD("Volume %s %s partition %d:%d changed\n", getLabel(), getMountpoint(), major, minor);
-}
-
-void DirectVolume::handleDiskRemoved(const char * /*devpath*/,
- NetlinkEvent *evt) {
- int major = atoi(evt->findParam("MAJOR"));
- int minor = atoi(evt->findParam("MINOR"));
- char msg[255];
- bool enabled;
-
- SLOGD("Volume %s %s disk %d:%d removed\n", getLabel(), getMountpoint(), major, minor);
- if ((dev_t) MKDEV(major, minor) == mCurrentlyMountedKdev) {
- /*
- * Yikes, our mounted disk is going away!
- */
-
- doUnmount(major, minor);
- } else if (mVm->shareEnabled(getLabel(), "ums", &enabled) == 0 && enabled) {
- mVm->unshareVolume(getLabel(), "ums");
- }
-
- snprintf(msg, sizeof(msg), "Volume %s %s disk removed (%d:%d)",
- getLabel(), getFuseMountpoint(), major, minor);
- mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeDiskRemoved,
- msg, false);
- setState(Volume::State_NoMedia);
-}
-
-void DirectVolume::handlePartitionRemoved(const char * /*devpath*/,
- NetlinkEvent *evt) {
- int major = atoi(evt->findParam("MAJOR"));
- int minor = atoi(evt->findParam("MINOR"));
- char msg[255];
- int state;
-
- SLOGD("Volume %s %s partition %d:%d removed\n", getLabel(), getMountpoint(), major, minor);
-
- /*
- * The framework doesn't need to get notified of
- * partition removal unless it's mounted. Otherwise
- * the removal notification will be sent on the Disk
- * itself
- */
- state = getState();
- if (state != Volume::State_Mounted && state != Volume::State_Shared) {
- return;
- }
-
- if ((dev_t) MKDEV(major, minor) == mCurrentlyMountedKdev) {
- /*
- * Yikes, our mounted partition is going away!
- */
- doUnmount(major, minor);
- } else if (state == Volume::State_Shared) {
- /* removed during mass storage */
- snprintf(msg, sizeof(msg), "Volume %s bad removal (%d:%d)",
- getLabel(), major, minor);
- mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeBadRemoval,
- msg, false);
-
- if (mVm->unshareVolume(getLabel(), "ums")) {
- SLOGE("Failed to unshare volume on bad removal (%s)",
- strerror(errno));
- } else {
- SLOGD("Crisis averted");
- }
- }
-}
-
-void DirectVolume::doUnmount(int major, int minor) {
- char msg[255];
- bool providesAsec = (getFlags() & VOL_PROVIDES_ASEC) != 0;
- if (providesAsec && mVm->cleanupAsec(this, true)) {
- SLOGE("Failed to cleanup ASEC - unmount will probably fail!");
- }
-
- snprintf(msg, sizeof(msg), "Volume %s %s bad removal (%d:%d)",
- getLabel(), getFuseMountpoint(), major, minor);
- mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeBadRemoval,
- msg, false);
-
- if (Volume::unmountVol(true, false)) {
- SLOGE("Failed to unmount volume on bad removal (%s)",
- strerror(errno));
- // XXX: At this point we're screwed for now
- } else {
- SLOGD("Crisis averted");
- }
-}
-
-/*
- * Called from base to get a list of devicenodes for mounting
- */
-int DirectVolume::getDeviceNodes(dev_t *devs, int max) {
-
- if (mPartIdx == -1) {
- // If the disk has no partitions, try the disk itself
- if (!mDiskNumParts) {
- devs[0] = MKDEV(mDiskMajor, mDiskMinor);
- return 1;
- }
-
- int i;
- for (i = 0; i < mDiskNumParts; i++) {
- if (i == max)
- break;
- devs[i] = MKDEV(mDiskMajor, mPartMinors[i]);
- }
- return mDiskNumParts;
- }
- devs[0] = MKDEV(mDiskMajor, mPartMinors[mPartIdx -1]);
- return 1;
-}
-
-/*
- * Called from base to update device info,
- * e.g. When setting up an dm-crypt mapping for the sd card.
- */
-int DirectVolume::updateDeviceInfo(char *new_path, int new_major, int new_minor)
-{
- PathCollection::iterator it;
-
- if (mPartIdx == -1) {
- SLOGE("Can only change device info on a partition\n");
- return -1;
- }
-
- /*
- * This is to change the sysfs path associated with a partition, in particular,
- * for an internal SD card partition that is encrypted. Thus, the list is
- * expected to be only 1 entry long. Check that and bail if not.
- */
- if (mPaths->size() != 1) {
- SLOGE("Cannot change path if there are more than one for a volume\n");
- return -1;
- }
-
- it = mPaths->begin();
- delete *it; /* Free the string storage */
- mPaths->erase(it); /* Remove it from the list */
- addPath(new_path); /* Put the new path on the list */
-
- /* Save away original info so we can restore it when doing factory reset.
- * Then, when doing the format, it will format the original device in the
- * clear, otherwise it just formats the encrypted device which is not
- * readable when the device boots unencrypted after the reset.
- */
- mOrigDiskMajor = mDiskMajor;
- mOrigDiskMinor = mDiskMinor;
- mOrigPartIdx = mPartIdx;
- memcpy(mOrigPartMinors, mPartMinors, sizeof(mPartMinors));
-
- mDiskMajor = new_major;
- mDiskMinor = new_minor;
- /* Ugh, virual block devices don't use minor 0 for whole disk and minor > 0 for
- * partition number. They don't have partitions, they are just virtual block
- * devices, and minor number 0 is the first dm-crypt device. Luckily the first
- * dm-crypt device is for the userdata partition, which gets minor number 0, and
- * it is not managed by vold. So the next device is minor number one, which we
- * will call partition one.
- */
- mPartIdx = new_minor;
- mPartMinors[new_minor-1] = new_minor;
-
- mIsDecrypted = 1;
-
- return 0;
-}
-
-/*
- * Called from base to revert device info to the way it was before a
- * crypto mapping was created for it.
- */
-void DirectVolume::revertDeviceInfo(void)
-{
- if (mIsDecrypted) {
- mDiskMajor = mOrigDiskMajor;
- mDiskMinor = mOrigDiskMinor;
- mPartIdx = mOrigPartIdx;
- memcpy(mPartMinors, mOrigPartMinors, sizeof(mPartMinors));
-
- mIsDecrypted = 0;
- }
-
- return;
-}
-
-/*
- * Called from base to give cryptfs all the info it needs to encrypt eligible volumes
- */
-int DirectVolume::getVolInfo(struct volume_info *v)
-{
- strcpy(v->label, mLabel);
- strcpy(v->mnt_point, mMountpoint);
- v->flags = getFlags();
- /* Other fields of struct volume_info are filled in by the caller or cryptfs.c */
-
- return 0;
-}
diff --git a/DirectVolume.h b/DirectVolume.h
deleted file mode 100644
index 96f46af..0000000
--- a/DirectVolume.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Copyright (C) 2008 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _DEVICEVOLUME_H
-#define _DEVICEVOLUME_H
-
-#include <utils/List.h>
-
-#include "Volume.h"
-
-class PathInfo {
-public:
- PathInfo(const char *pattern);
- ~PathInfo();
- bool match(const char *path);
-private:
- bool warned;
- char *pattern;
- enum PatternType { prefix, wildcard };
- PatternType patternType;
-};
-
-typedef android::List<PathInfo *> PathCollection;
-
-class DirectVolume : public Volume {
-public:
- static const int MAX_PARTITIONS = 32;
-protected:
- const char* mMountpoint;
- const char* mFuseMountpoint;
-
- PathCollection *mPaths;
- int mDiskMajor;
- int mDiskMinor;
- int mPartMinors[MAX_PARTITIONS];
- int mOrigDiskMajor;
- int mOrigDiskMinor;
- int mOrigPartMinors[MAX_PARTITIONS];
- int mDiskNumParts;
- int mPendingPartCount;
- int mIsDecrypted;
-
-public:
- DirectVolume(VolumeManager *vm, const fstab_rec* rec, int flags);
- virtual ~DirectVolume();
-
- int addPath(const char *path);
-
- const char *getMountpoint() { return mMountpoint; }
- const char *getFuseMountpoint() { return mFuseMountpoint; }
-
- int handleBlockEvent(NetlinkEvent *evt);
- dev_t getDiskDevice();
- dev_t getShareDevice();
- void handleVolumeShared();
- void handleVolumeUnshared();
- int getVolInfo(struct volume_info *v);
-
-protected:
- int getDeviceNodes(dev_t *devs, int max);
- int updateDeviceInfo(char *new_path, int new_major, int new_minor);
- virtual void revertDeviceInfo(void);
- int isDecrypted() { return mIsDecrypted; }
-
-private:
- void handleDiskAdded(const char *devpath, NetlinkEvent *evt);
- void handleDiskRemoved(const char *devpath, NetlinkEvent *evt);
- void handleDiskChanged(const char *devpath, NetlinkEvent *evt);
- void handlePartitionAdded(const char *devpath, NetlinkEvent *evt);
- void handlePartitionRemoved(const char *devpath, NetlinkEvent *evt);
- void handlePartitionChanged(const char *devpath, NetlinkEvent *evt);
-
- int doMountVfat(const char *deviceNode, const char *mountPoint);
- void doUnmount(int major, int minor);
-
-};
-
-typedef android::List<DirectVolume *> DirectVolumeCollection;
-
-#endif
diff --git a/Disk.cpp b/Disk.cpp
new file mode 100644
index 0000000..5b5d769
--- /dev/null
+++ b/Disk.cpp
@@ -0,0 +1,498 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Disk.h"
+#include "PublicVolume.h"
+#include "PrivateVolume.h"
+#include "Utils.h"
+#include "VolumeBase.h"
+#include "VolumeManager.h"
+#include "ResponseCode.h"
+
+#include <base/file.h>
+#include <base/stringprintf.h>
+#include <base/logging.h>
+#include <diskconfig/diskconfig.h>
+
+#include <vector>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mount.h>
+
+#define ENTIRE_DEVICE_FALLBACK 0
+
+using android::base::ReadFileToString;
+using android::base::WriteStringToFile;
+using android::base::StringPrintf;
+
+namespace android {
+namespace vold {
+
+static const char* kSgdiskPath = "/system/bin/sgdisk";
+static const char* kSgdiskToken = " \t\n";
+
+static const char* kSysfsMmcMaxMinors = "/sys/module/mmcblk/parameters/perdev_minors";
+
+static const unsigned int kMajorBlockScsiA = 8;
+static const unsigned int kMajorBlockScsiB = 65;
+static const unsigned int kMajorBlockScsiC = 66;
+static const unsigned int kMajorBlockScsiD = 67;
+static const unsigned int kMajorBlockScsiE = 68;
+static const unsigned int kMajorBlockScsiF = 69;
+static const unsigned int kMajorBlockScsiG = 70;
+static const unsigned int kMajorBlockScsiH = 71;
+static const unsigned int kMajorBlockScsiI = 128;
+static const unsigned int kMajorBlockScsiJ = 129;
+static const unsigned int kMajorBlockScsiK = 130;
+static const unsigned int kMajorBlockScsiL = 131;
+static const unsigned int kMajorBlockScsiM = 132;
+static const unsigned int kMajorBlockScsiN = 133;
+static const unsigned int kMajorBlockScsiO = 134;
+static const unsigned int kMajorBlockScsiP = 135;
+static const unsigned int kMajorBlockMmc = 179;
+
+static const char* kGptBasicData = "EBD0A0A2-B9E5-4433-87C0-68B6B72699C7";
+static const char* kGptAndroidMeta = "19A710A2-B3CA-11E4-B026-10604B889DCF";
+static const char* kGptAndroidExpand = "193D1EA4-B3CA-11E4-B075-10604B889DCF";
+
+static const char* kKeyPath = "/data/misc/vold";
+
+enum class Table {
+ kUnknown,
+ kMbr,
+ kGpt,
+};
+
+Disk::Disk(const std::string& eventPath, dev_t device,
+ const std::string& nickname, int flags) :
+ mDevice(device), mSize(-1), mNickname(nickname), mFlags(flags), mCreated(
+ false), mJustPartitioned(false) {
+ mId = StringPrintf("disk:%u,%u", major(device), minor(device));
+ mEventPath = eventPath;
+ mSysPath = StringPrintf("/sys/%s", eventPath.c_str());
+ mDevPath = StringPrintf("/dev/block/vold/%s", mId.c_str());
+ CreateDeviceNode(mDevPath, mDevice);
+}
+
+Disk::~Disk() {
+ CHECK(!mCreated);
+ DestroyDeviceNode(mDevPath);
+}
+
+std::shared_ptr<VolumeBase> Disk::findVolume(const std::string& id) {
+ for (auto vol : mVolumes) {
+ if (vol->getId() == id) {
+ return vol;
+ }
+ auto stackedVol = vol->findVolume(id);
+ if (stackedVol != nullptr) {
+ return stackedVol;
+ }
+ }
+ return nullptr;
+}
+
+status_t Disk::create() {
+ CHECK(!mCreated);
+ mCreated = true;
+ notifyEvent(ResponseCode::DiskCreated, StringPrintf("%d", mFlags));
+ readMetadata();
+ readPartitions();
+ return OK;
+}
+
+status_t Disk::destroy() {
+ CHECK(mCreated);
+ destroyAllVolumes();
+ mCreated = false;
+ notifyEvent(ResponseCode::DiskDestroyed);
+ return OK;
+}
+
+static std::string BuildKeyPath(const std::string& partGuid) {
+ return StringPrintf("%s/expand_%s.key", kKeyPath, partGuid.c_str());
+}
+
+void Disk::createPublicVolume(dev_t device) {
+ auto vol = std::shared_ptr<VolumeBase>(new PublicVolume(device));
+ if (mJustPartitioned) {
+ LOG(DEBUG) << "Device just partitioned; silently formatting";
+ vol->setSilent(true);
+ vol->create();
+ vol->format();
+ vol->destroy();
+ vol->setSilent(false);
+ }
+
+ mVolumes.push_back(vol);
+ vol->setDiskId(getId());
+ vol->create();
+}
+
+void Disk::createPrivateVolume(dev_t device, const std::string& partGuid) {
+ std::string tmp;
+ std::string normalizedGuid;
+ if (HexToStr(partGuid, tmp)) {
+ LOG(WARNING) << "Invalid GUID " << partGuid;
+ return;
+ }
+ StrToHex(tmp, normalizedGuid);
+
+ std::string keyRaw;
+ if (!ReadFileToString(BuildKeyPath(normalizedGuid), &keyRaw)) {
+ PLOG(ERROR) << "Failed to load key for GUID " << normalizedGuid;
+ return;
+ }
+
+ LOG(DEBUG) << "Found key for GUID " << normalizedGuid;
+
+ auto vol = std::shared_ptr<VolumeBase>(new PrivateVolume(device, keyRaw));
+ if (mJustPartitioned) {
+ LOG(DEBUG) << "Device just partitioned; silently formatting";
+ vol->setSilent(true);
+ vol->create();
+ vol->format();
+ vol->destroy();
+ vol->setSilent(false);
+ }
+
+ mVolumes.push_back(vol);
+ vol->setDiskId(getId());
+ vol->create();
+}
+
+void Disk::destroyAllVolumes() {
+ for (auto vol : mVolumes) {
+ vol->destroy();
+ }
+ mVolumes.clear();
+}
+
+status_t Disk::readMetadata() {
+ mSize = -1;
+ mLabel.clear();
+
+ int fd = open(mDevPath.c_str(), O_RDONLY | O_CLOEXEC);
+ if (fd != -1) {
+ if (ioctl(fd, BLKGETSIZE64, &mSize)) {
+ mSize = -1;
+ }
+ close(fd);
+ }
+
+ switch (major(mDevice)) {
+ case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC: case kMajorBlockScsiD:
+ case kMajorBlockScsiE: case kMajorBlockScsiF: case kMajorBlockScsiG: case kMajorBlockScsiH:
+ case kMajorBlockScsiI: case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+ case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO: case kMajorBlockScsiP: {
+ std::string path(mSysPath + "/device/vendor");
+ std::string tmp;
+ if (!ReadFileToString(path, &tmp)) {
+ PLOG(WARNING) << "Failed to read vendor from " << path;
+ return -errno;
+ }
+ mLabel = tmp;
+ break;
+ }
+ case kMajorBlockMmc: {
+ std::string path(mSysPath + "/device/manfid");
+ std::string tmp;
+ if (!ReadFileToString(path, &tmp)) {
+ PLOG(WARNING) << "Failed to read manufacturer from " << path;
+ return -errno;
+ }
+ uint64_t manfid = strtoll(tmp.c_str(), nullptr, 16);
+ // Our goal here is to give the user a meaningful label, ideally
+ // matching whatever is silk-screened on the card. To reduce
+ // user confusion, this list doesn't contain white-label manfid.
+ switch (manfid) {
+ case 0x000003: mLabel = "SanDisk"; break;
+ case 0x00001b: mLabel = "Samsung"; break;
+ case 0x000028: mLabel = "Lexar"; break;
+ case 0x000074: mLabel = "Transcend"; break;
+ }
+ break;
+ }
+ default: {
+ LOG(WARNING) << "Unsupported block major type" << major(mDevice);
+ return -ENOTSUP;
+ }
+ }
+
+ notifyEvent(ResponseCode::DiskSizeChanged, StringPrintf("%" PRId64, mSize));
+ notifyEvent(ResponseCode::DiskLabelChanged, mLabel);
+ return OK;
+}
+
+status_t Disk::readPartitions() {
+ int8_t maxMinors = getMaxMinors();
+ if (maxMinors < 0) {
+ return -ENOTSUP;
+ }
+
+ destroyAllVolumes();
+
+ // Parse partition table
+
+ std::vector<std::string> cmd;
+ cmd.push_back(kSgdiskPath);
+ cmd.push_back("--android-dump");
+ cmd.push_back(mDevPath);
+
+ std::vector<std::string> output;
+ status_t res = ForkExecvp(cmd, output);
+ if (res != OK) {
+ LOG(WARNING) << "sgdisk failed to scan " << mDevPath;
+ notifyEvent(ResponseCode::DiskScanned);
+ mJustPartitioned = false;
+ return res;
+ }
+
+ Table table = Table::kUnknown;
+ bool foundParts = false;
+ for (auto line : output) {
+ char* cline = (char*) line.c_str();
+ char* token = strtok(cline, kSgdiskToken);
+ if (token == nullptr) continue;
+
+ if (!strcmp(token, "DISK")) {
+ const char* type = strtok(nullptr, kSgdiskToken);
+ if (!strcmp(type, "mbr")) {
+ table = Table::kMbr;
+ } else if (!strcmp(type, "gpt")) {
+ table = Table::kGpt;
+ }
+ } else if (!strcmp(token, "PART")) {
+ foundParts = true;
+ int i = strtol(strtok(nullptr, kSgdiskToken), nullptr, 10);
+ if (i <= 0 || i > maxMinors) {
+ LOG(WARNING) << mId << " is ignoring partition " << i
+ << " beyond max supported devices";
+ continue;
+ }
+ dev_t partDevice = makedev(major(mDevice), minor(mDevice) + i);
+
+ if (table == Table::kMbr) {
+ const char* type = strtok(nullptr, kSgdiskToken);
+
+ switch (strtol(type, nullptr, 16)) {
+ case 0x06: // FAT16
+ case 0x0b: // W95 FAT32 (LBA)
+ case 0x0c: // W95 FAT32 (LBA)
+ case 0x0e: // W95 FAT16 (LBA)
+ createPublicVolume(partDevice);
+ break;
+ }
+ } else if (table == Table::kGpt) {
+ const char* typeGuid = strtok(nullptr, kSgdiskToken);
+ const char* partGuid = strtok(nullptr, kSgdiskToken);
+
+ if (!strcasecmp(typeGuid, kGptBasicData)) {
+ createPublicVolume(partDevice);
+ } else if (!strcasecmp(typeGuid, kGptAndroidExpand)) {
+ createPrivateVolume(partDevice, partGuid);
+ }
+ }
+ }
+ }
+
+#if ENTIRE_DEVICE_FALLBACK
+ // Ugly last ditch effort, treat entire disk as partition
+ if (table == Table::kUnknown || !foundParts) {
+ // TODO: use blkid to confirm filesystem before doing this
+ LOG(WARNING) << mId << " has unknown partition table; trying entire device";
+ createPublicVolume(mDevice);
+ }
+#endif
+
+ notifyEvent(ResponseCode::DiskScanned);
+ mJustPartitioned = false;
+ return OK;
+}
+
+status_t Disk::unmountAll() {
+ for (auto vol : mVolumes) {
+ vol->unmount();
+ }
+ return OK;
+}
+
+status_t Disk::partitionPublic() {
+ // TODO: improve this code
+ destroyAllVolumes();
+ mJustPartitioned = true;
+
+ struct disk_info dinfo;
+ memset(&dinfo, 0, sizeof(dinfo));
+
+ if (!(dinfo.part_lst = (struct part_info *) malloc(
+ MAX_NUM_PARTS * sizeof(struct part_info)))) {
+ return -1;
+ }
+
+ memset(dinfo.part_lst, 0, MAX_NUM_PARTS * sizeof(struct part_info));
+ dinfo.device = strdup(mDevPath.c_str());
+ dinfo.scheme = PART_SCHEME_MBR;
+ dinfo.sect_size = 512;
+ dinfo.skip_lba = 2048;
+ dinfo.num_lba = 0;
+ dinfo.num_parts = 1;
+
+ struct part_info *pinfo = &dinfo.part_lst[0];
+
+ pinfo->name = strdup("android_sdcard");
+ pinfo->flags |= PART_ACTIVE_FLAG;
+ pinfo->type = PC_PART_TYPE_FAT32;
+ pinfo->len_kb = -1;
+
+ int rc = apply_disk_config(&dinfo, 0);
+ if (rc) {
+ LOG(ERROR) << "Failed to apply disk configuration: " << rc;
+ goto out;
+ }
+
+out:
+ free(pinfo->name);
+ free(dinfo.device);
+ free(dinfo.part_lst);
+
+ return rc;
+}
+
+status_t Disk::partitionPrivate() {
+ return partitionMixed(0);
+}
+
+status_t Disk::partitionMixed(int8_t ratio) {
+ int res;
+
+ destroyAllVolumes();
+ mJustPartitioned = true;
+
+ // First nuke any existing partition table
+ std::vector<std::string> cmd;
+ cmd.push_back(kSgdiskPath);
+ cmd.push_back("--zap-all");
+ cmd.push_back(mDevPath);
+
+ // Zap sometimes returns an error when it actually succeeded, so
+ // just log as warning and keep rolling forward.
+ if ((res = ForkExecvp(cmd)) != 0) {
+ LOG(WARNING) << "Failed to zap; status " << res;
+ }
+
+ // We've had some success above, so generate both the private partition
+ // GUID and encryption key and persist them.
+ std::string partGuidRaw;
+ std::string keyRaw;
+ if (ReadRandomBytes(16, partGuidRaw) || ReadRandomBytes(16, keyRaw)) {
+ LOG(ERROR) << "Failed to generate GUID or key";
+ return -EIO;
+ }
+
+ std::string partGuid;
+ StrToHex(partGuidRaw, partGuid);
+
+ if (!WriteStringToFile(keyRaw, BuildKeyPath(partGuid))) {
+ LOG(ERROR) << "Failed to persist key";
+ return -EIO;
+ } else {
+ LOG(DEBUG) << "Persisted key for GUID " << partGuid;
+ }
+
+ // Now let's build the new GPT table. We heavily rely on sgdisk to
+ // force optimal alignment on the created partitions.
+ cmd.clear();
+ cmd.push_back(kSgdiskPath);
+
+ // If requested, create a public partition first. Mixed-mode partitioning
+ // like this is an experimental feature.
+ if (ratio > 0) {
+ if (ratio < 10 || ratio > 90) {
+ LOG(ERROR) << "Mixed partition ratio must be between 10-90%";
+ return -EINVAL;
+ }
+
+ uint64_t splitMb = ((mSize / 100) * ratio) / 1024 / 1024;
+ cmd.push_back(StringPrintf("--new=0:0:+%" PRId64 "M", splitMb));
+ cmd.push_back(StringPrintf("--typecode=0:%s", kGptBasicData));
+ cmd.push_back("--change-name=0:shared");
+ }
+
+ // Define a metadata partition which is designed for future use; there
+ // should only be one of these per physical device, even if there are
+ // multiple private volumes.
+ cmd.push_back("--new=0:0:+16M");
+ cmd.push_back(StringPrintf("--typecode=0:%s", kGptAndroidMeta));
+ cmd.push_back("--change-name=0:android_meta");
+
+ // Define a single private partition filling the rest of disk.
+ cmd.push_back("--new=0:0:-0");
+ cmd.push_back(StringPrintf("--typecode=0:%s", kGptAndroidExpand));
+ cmd.push_back(StringPrintf("--partition-guid=0:%s", partGuid.c_str()));
+ cmd.push_back("--change-name=0:android_expand");
+
+ cmd.push_back(mDevPath);
+
+ if ((res = ForkExecvp(cmd)) != 0) {
+ LOG(ERROR) << "Failed to partition; status " << res;
+ return res;
+ }
+
+ return OK;
+}
+
+void Disk::notifyEvent(int event) {
+ VolumeManager::Instance()->getBroadcaster()->sendBroadcast(event,
+ getId().c_str(), false);
+}
+
+void Disk::notifyEvent(int event, const std::string& value) {
+ VolumeManager::Instance()->getBroadcaster()->sendBroadcast(event,
+ StringPrintf("%s %s", getId().c_str(), value.c_str()).c_str(), false);
+}
+
+int Disk::getMaxMinors() {
+ // Figure out maximum partition devices supported
+ switch (major(mDevice)) {
+ case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC: case kMajorBlockScsiD:
+ case kMajorBlockScsiE: case kMajorBlockScsiF: case kMajorBlockScsiG: case kMajorBlockScsiH:
+ case kMajorBlockScsiI: case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
+ case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO: case kMajorBlockScsiP: {
+ // Per Documentation/devices.txt this is static
+ return 15;
+ }
+ case kMajorBlockMmc: {
+ // Per Documentation/devices.txt this is dynamic
+ std::string tmp;
+ if (!ReadFileToString(kSysfsMmcMaxMinors, &tmp)) {
+ LOG(ERROR) << "Failed to read max minors";
+ return -errno;
+ }
+ return atoi(tmp.c_str());
+ }
+ }
+
+ LOG(ERROR) << "Unsupported block major type " << major(mDevice);
+ return -ENOTSUP;
+}
+
+} // namespace vold
+} // namespace android
diff --git a/Disk.h b/Disk.h
new file mode 100644
index 0000000..a8461fb
--- /dev/null
+++ b/Disk.h
@@ -0,0 +1,119 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_VOLD_DISK_H
+#define ANDROID_VOLD_DISK_H
+
+#include "Utils.h"
+
+#include <utils/Errors.h>
+
+#include <vector>
+
+namespace android {
+namespace vold {
+
+class VolumeBase;
+
+/*
+ * Representation of detected physical media.
+ *
+ * Knows how to create volumes based on the partition tables found, and also
+ * how to repartition itself.
+ */
+class Disk {
+public:
+ Disk(const std::string& eventPath, dev_t device, const std::string& nickname, int flags);
+ virtual ~Disk();
+
+ enum Flags {
+ /* Flag that disk is adoptable */
+ kAdoptable = 1 << 0,
+ /* Flag that disk is considered primary when the user hasn't
+ * explicitly picked a primary storage location */
+ kDefaultPrimary = 1 << 1,
+ /* Flag that disk is SD card */
+ kSd = 1 << 2,
+ /* Flag that disk is USB disk */
+ kUsb = 1 << 3,
+ };
+
+ const std::string& getId() { return mId; }
+ const std::string& getEventPath() { return mEventPath; }
+ const std::string& getSysPath() { return mSysPath; }
+ const std::string& getDevPath() { return mDevPath; }
+ dev_t getDevice() { return mDevice; }
+ uint64_t getSize() { return mSize; }
+ const std::string& getLabel() { return mLabel; }
+ int getFlags() { return mFlags; }
+
+ std::shared_ptr<VolumeBase> findVolume(const std::string& id);
+
+ status_t create();
+ status_t destroy();
+
+ status_t readMetadata();
+ status_t readPartitions();
+
+ status_t unmountAll();
+
+ status_t partitionPublic();
+ status_t partitionPrivate();
+ status_t partitionMixed(int8_t ratio);
+
+ void notifyEvent(int msg);
+ void notifyEvent(int msg, const std::string& value);
+
+private:
+ /* ID that uniquely references this disk */
+ std::string mId;
+ /* Original event path */
+ std::string mEventPath;
+ /* Device path under sysfs */
+ std::string mSysPath;
+ /* Device path under dev */
+ std::string mDevPath;
+ /* Kernel device representing disk */
+ dev_t mDevice;
+ /* Size of disk, in bytes */
+ uint64_t mSize;
+ /* User-visible label, such as manufacturer */
+ std::string mLabel;
+ /* Current partitions on disk */
+ std::vector<std::shared_ptr<VolumeBase>> mVolumes;
+ /* Nickname for this disk */
+ std::string mNickname;
+ /* Flags applicable to this disk */
+ int mFlags;
+ /* Flag indicating object is created */
+ bool mCreated;
+ /* Flag that we just partitioned and should format all volumes */
+ bool mJustPartitioned;
+
+ void createPublicVolume(dev_t device);
+ void createPrivateVolume(dev_t device, const std::string& partGuid);
+
+ void destroyAllVolumes();
+
+ int getMaxMinors();
+
+ DISALLOW_COPY_AND_ASSIGN(Disk);
+};
+
+} // namespace vold
+} // namespace android
+
+#endif
diff --git a/EmulatedVolume.cpp b/EmulatedVolume.cpp
new file mode 100644
index 0000000..7098872
--- /dev/null
+++ b/EmulatedVolume.cpp
@@ -0,0 +1,108 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "EmulatedVolume.h"
+#include "Utils.h"
+
+#include <base/stringprintf.h>
+#include <base/logging.h>
+#include <cutils/fs.h>
+#include <private/android_filesystem_config.h>
+
+#include <fcntl.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+using android::base::StringPrintf;
+
+namespace android {
+namespace vold {
+
+static const char* kFusePath = "/system/bin/sdcard";
+
+EmulatedVolume::EmulatedVolume(const std::string& rawPath) :
+ VolumeBase(Type::kEmulated), mFusePid(0) {
+ setId("emulated");
+ mFusePath = "/storage/emulated";
+ mRawPath = rawPath;
+}
+
+EmulatedVolume::EmulatedVolume(const std::string& rawPath, dev_t device,
+ const std::string& fsUuid) : VolumeBase(Type::kEmulated), mFusePid(0) {
+ setId(StringPrintf("emulated:%u,%u", major(device), minor(device)));
+ mFusePath = StringPrintf("/storage/%s", fsUuid.c_str());
+ mRawPath = rawPath;
+}
+
+EmulatedVolume::~EmulatedVolume() {
+}
+
+status_t EmulatedVolume::doMount() {
+ if (fs_prepare_dir(mFusePath.c_str(), 0700, AID_ROOT, AID_ROOT)) {
+ PLOG(ERROR) << getId() << " failed to create mount point " << mFusePath;
+ return -errno;
+ }
+
+ setPath(mFusePath);
+ setInternalPath(mRawPath);
+
+ if (!(mFusePid = fork())) {
+ // TODO: protect when not mounted as visible
+ if (execl(kFusePath, kFusePath,
+ "-u", "1023", // AID_MEDIA_RW
+ "-g", "1023", // AID_MEDIA_RW
+ "-l",
+ mRawPath.c_str(),
+ mFusePath.c_str(),
+ NULL)) {
+ PLOG(ERROR) << "Failed to exec";
+ }
+
+ PLOG(DEBUG) << "FUSE exiting";
+ _exit(1);
+ }
+
+ if (mFusePid == -1) {
+ PLOG(ERROR) << getId() << " failed to fork";
+ return -errno;
+ }
+
+ return OK;
+}
+
+status_t EmulatedVolume::doUnmount() {
+ if (mFusePid > 0) {
+ kill(mFusePid, SIGTERM);
+ TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, 0));
+ mFusePid = 0;
+ }
+
+ ForceUnmount(mFusePath);
+ ForceUnmount(mRawPath);
+
+ if (TEMP_FAILURE_RETRY(rmdir(mFusePath.c_str()))) {
+ PLOG(ERROR) << getId() << " failed to rmdir mount point " << mFusePath;
+ return -errno;
+ }
+
+ return OK;
+}
+
+} // namespace vold
+} // namespace android
diff --git a/EmulatedVolume.h b/EmulatedVolume.h
new file mode 100644
index 0000000..04d4508
--- /dev/null
+++ b/EmulatedVolume.h
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_VOLD_EMULATED_VOLUME_H
+#define ANDROID_VOLD_EMULATED_VOLUME_H
+
+#include "VolumeBase.h"
+
+#include <cutils/multiuser.h>
+
+namespace android {
+namespace vold {
+
+/*
+ * Shared storage emulated on top of private storage.
+ *
+ * Knows how to spawn a FUSE daemon to synthesize permissions. ObbVolume
+ * can be stacked above it.
+ *
+ * This volume is always multi-user aware, but is only binds itself to
+ * users when its primary storage. This volume should never be presented
+ * as secondary storage, since we're strongly encouraging developers to
+ * store data local to their app.
+ */
+class EmulatedVolume : public VolumeBase {
+public:
+ EmulatedVolume(const std::string& rawPath);
+ EmulatedVolume(const std::string& rawPath, dev_t device, const std::string& fsUuid);
+ virtual ~EmulatedVolume();
+
+protected:
+ status_t doMount() override;
+ status_t doUnmount() override;
+
+private:
+ /* Mount point of raw storage */
+ std::string mRawPath;
+ /* Mount point of visible storage */
+ std::string mFusePath;
+ /* PID of FUSE wrapper */
+ pid_t mFusePid;
+
+ DISALLOW_COPY_AND_ASSIGN(EmulatedVolume);
+};
+
+} // namespace vold
+} // namespace android
+
+#endif
diff --git a/Ext4.cpp b/Ext4.cpp
index f5a964a..a208eb5 100644
--- a/Ext4.cpp
+++ b/Ext4.cpp
@@ -23,6 +23,8 @@
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
+#include <vector>
+#include <string>
#include <sys/types.h>
#include <sys/stat.h>
@@ -35,16 +37,84 @@
#define LOG_TAG "Vold"
+#include <base/logging.h>
+#include <base/stringprintf.h>
#include <cutils/log.h>
#include <cutils/properties.h>
-
#include <logwrap/logwrap.h>
+#include <selinux/selinux.h>
#include "Ext4.h"
+#include "Utils.h"
#include "VoldUtil.h"
-#define MKEXT4FS_PATH "/system/bin/make_ext4fs"
-#define RESIZE2FS_PATH "/system/bin/resize2fs"
+using android::base::StringPrintf;
+
+static const char* kResizefsPath = "/system/bin/resize2fs";
+static const char* kMkfsPath = "/system/bin/make_ext4fs";
+static const char* kFsckPath = "/system/bin/e2fsck";
+
+int Ext4::check(const char *fsPath, const char *mountPoint) {
+ // The following is shamelessly borrowed from fs_mgr.c, so it should be
+ // kept in sync with any changes over there.
+
+ char* blk_device = (char*) fsPath;
+ char* target = (char*) mountPoint;
+
+ int status;
+ int ret;
+ long tmpmnt_flags = MS_NOATIME | MS_NOEXEC | MS_NOSUID;
+ char *tmpmnt_opts = (char*) "nomblk_io_submit,errors=remount-ro";
+
+ /*
+ * First try to mount and unmount the filesystem. We do this because
+ * the kernel is more efficient than e2fsck in running the journal and
+ * processing orphaned inodes, and on at least one device with a
+ * performance issue in the emmc firmware, it can take e2fsck 2.5 minutes
+ * to do what the kernel does in about a second.
+ *
+ * After mounting and unmounting the filesystem, run e2fsck, and if an
+ * error is recorded in the filesystem superblock, e2fsck will do a full
+ * check. Otherwise, it does nothing. If the kernel cannot mount the
+ * filesytsem due to an error, e2fsck is still run to do a full check
+ * fix the filesystem.
+ */
+ ret = mount(blk_device, target, "ext4", tmpmnt_flags, tmpmnt_opts);
+ if (!ret) {
+ int i;
+ for (i = 0; i < 5; i++) {
+ // Try to umount 5 times before continuing on.
+ // Should we try rebooting if all attempts fail?
+ int result = umount(target);
+ if (result == 0) {
+ break;
+ }
+ ALOGW("%s(): umount(%s)=%d: %s\n", __func__, target, result, strerror(errno));
+ sleep(1);
+ }
+ }
+
+ /*
+ * Some system images do not have e2fsck for licensing reasons
+ * (e.g. recent SDK system images). Detect these and skip the check.
+ */
+ if (access(kFsckPath, X_OK)) {
+ ALOGD("Not running %s on %s (executable not in system image)\n",
+ kFsckPath, blk_device);
+ } else {
+ ALOGD("Running %s on %s\n", kFsckPath, blk_device);
+
+ std::vector<std::string> cmd;
+ cmd.push_back(kFsckPath);
+ cmd.push_back("-y");
+ cmd.push_back(blk_device);
+
+ // Ext4 devices are currently always trusted
+ return android::vold::ForkExecvp(cmd, android::vold::sFsckContext);
+ }
+
+ return 0;
+}
int Ext4::doMount(const char *fsPath, const char *mountPoint, bool ro, bool remount,
bool executable) {
@@ -69,92 +139,31 @@
}
int Ext4::resize(const char *fspath, unsigned int numSectors) {
- const char *args[4];
- char* size_str;
- int rc;
- int status;
+ std::vector<std::string> cmd;
+ cmd.push_back(kResizefsPath);
+ cmd.push_back("-f");
+ cmd.push_back(fspath);
+ cmd.push_back(StringPrintf("%u", numSectors));
- args[0] = RESIZE2FS_PATH;
- args[1] = "-f";
- args[2] = fspath;
- if (asprintf(&size_str, "%ds", numSectors) < 0)
- {
- SLOGE("Filesystem (ext4) resize failed to set size");
- return -1;
- }
- args[3] = size_str;
- rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status, false,
- true);
- free(size_str);
- if (rc != 0) {
- SLOGE("Filesystem (ext4) resize failed due to logwrap error");
- errno = EIO;
- return -1;
- }
-
- if (!WIFEXITED(status)) {
- SLOGE("Filesystem (ext4) resize did not exit properly");
- errno = EIO;
- return -1;
- }
-
- status = WEXITSTATUS(status);
-
- if (status == 0) {
- SLOGI("Filesystem (ext4) resized OK");
- return 0;
- } else {
- SLOGE("Resize (ext4) failed (unknown exit code %d)", status);
- errno = EIO;
- return -1;
- }
- return 0;
+ return android::vold::ForkExecvp(cmd);
}
int Ext4::format(const char *fsPath, unsigned int numSectors, const char *mountpoint) {
- const char *args[7];
- int rc;
- int status;
+ std::vector<std::string> cmd;
+ cmd.push_back(kMkfsPath);
+ cmd.push_back("-J");
- args[0] = MKEXT4FS_PATH;
- args[1] = "-J";
- args[2] = "-a";
- args[3] = mountpoint;
+ cmd.push_back("-a");
+ cmd.push_back(mountpoint);
+
if (numSectors) {
- char tmp[32];
- snprintf(tmp, sizeof(tmp), "%u", numSectors * 512);
- const char *size = tmp;
- args[4] = "-l";
- args[5] = size;
- args[6] = fsPath;
- rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status, false, true);
- } else {
- args[4] = fsPath;
- rc = android_fork_execvp(5, (char **)args, &status, false, true);
- }
- rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status, false,
- true);
- if (rc != 0) {
- SLOGE("Filesystem (ext4) format failed due to logwrap error");
- errno = EIO;
- return -1;
+ cmd.push_back("-l");
+ cmd.push_back(StringPrintf("%u", numSectors * 512));
}
- if (!WIFEXITED(status)) {
- SLOGE("Filesystem (ext4) format did not exit properly");
- errno = EIO;
- return -1;
- }
+ // Always generate a real UUID
+ cmd.push_back("-u");
+ cmd.push_back(fsPath);
- status = WEXITSTATUS(status);
-
- if (status == 0) {
- SLOGI("Filesystem (ext4) formatted OK");
- return 0;
- } else {
- SLOGE("Format (ext4) failed (unknown exit code %d)", status);
- errno = EIO;
- return -1;
- }
- return 0;
+ return android::vold::ForkExecvp(cmd);
}
diff --git a/Ext4.h b/Ext4.h
index c768f5a..55672af 100644
--- a/Ext4.h
+++ b/Ext4.h
@@ -21,6 +21,7 @@
class Ext4 {
public:
+ static int check(const char *fsPath, const char *mountPoint);
static int doMount(const char *fsPath, const char *mountPoint, bool ro, bool remount,
bool executable);
static int format(const char *fsPath, unsigned int numSectors, const char *mountpoint);
diff --git a/Fat.cpp b/Fat.cpp
index 018fbeb..873088d 100644
--- a/Fat.cpp
+++ b/Fat.cpp
@@ -37,20 +37,25 @@
#define LOG_TAG "Vold"
+#include <base/logging.h>
+#include <base/stringprintf.h>
#include <cutils/log.h>
#include <cutils/properties.h>
+#include <selinux/selinux.h>
#include <logwrap/logwrap.h>
#include "Fat.h"
+#include "Utils.h"
#include "VoldUtil.h"
-static char FSCK_MSDOS_PATH[] = "/system/bin/fsck_msdos";
-static char MKDOSFS_PATH[] = "/system/bin/newfs_msdos";
-extern "C" int mount(const char *, const char *, const char *, unsigned long, const void *);
+using android::base::StringPrintf;
+
+static const char* kMkfsPath = "/system/bin/newfs_msdos";
+static const char* kFsckPath = "/system/bin/fsck_msdos";
int Fat::check(const char *fsPath) {
- if (access(FSCK_MSDOS_PATH, X_OK)) {
+ if (access(kFsckPath, X_OK)) {
SLOGW("Skipping fs checks\n");
return 0;
}
@@ -58,30 +63,22 @@
int pass = 1;
int rc = 0;
do {
- const char *args[4];
- int status;
- args[0] = FSCK_MSDOS_PATH;
- args[1] = "-p";
- args[2] = "-f";
- args[3] = fsPath;
+ std::vector<std::string> cmd;
+ cmd.push_back(kFsckPath);
+ cmd.push_back("-p");
+ cmd.push_back("-f");
+ cmd.push_back(fsPath);
- rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status,
- false, true);
- if (rc != 0) {
+ // Fat devices are currently always untrusted
+ rc = android::vold::ForkExecvp(cmd, android::vold::sFsckUntrustedContext);
+
+ if (rc < 0) {
SLOGE("Filesystem check failed due to logwrap error");
errno = EIO;
return -1;
}
- if (!WIFEXITED(status)) {
- SLOGE("Filesystem check did not exit properly");
- errno = EIO;
- return -1;
- }
-
- status = WEXITSTATUS(status);
-
- switch(status) {
+ switch(rc) {
case 0:
SLOGI("Filesystem check completed OK");
return 0;
@@ -102,7 +99,7 @@
return -1;
default:
- SLOGE("Filesystem check failed (unknown exit code %d)", status);
+ SLOGE("Filesystem check failed (unknown exit code %d)", rc);
errno = EIO;
return -1;
}
@@ -169,57 +166,39 @@
}
int Fat::format(const char *fsPath, unsigned int numSectors, bool wipe) {
- const char *args[11];
- int rc;
- int status;
-
if (wipe) {
Fat::wipe(fsPath, numSectors);
}
- args[0] = MKDOSFS_PATH;
- args[1] = "-F";
- args[2] = "32";
- args[3] = "-O";
- args[4] = "android";
- args[5] = "-c";
- args[6] = "64";
- args[7] = "-A";
+ std::vector<std::string> cmd;
+ cmd.push_back(kMkfsPath);
+ cmd.push_back("-F");
+ cmd.push_back("32");
+ cmd.push_back("-O");
+ cmd.push_back("android");
+ cmd.push_back("-c");
+ cmd.push_back("64");
+ cmd.push_back("-A");
if (numSectors) {
- char tmp[32];
- snprintf(tmp, sizeof(tmp), "%u", numSectors);
- const char *size = tmp;
- args[8] = "-s";
- args[9] = size;
- args[10] = fsPath;
- rc = android_fork_execvp(ARRAY_SIZE(args), (char **)args, &status,
- false, true);
- } else {
- args[8] = fsPath;
- rc = android_fork_execvp(9, (char **)args, &status, false,
- true);
+ cmd.push_back("-s");
+ cmd.push_back(StringPrintf("%u", numSectors));
}
- if (rc != 0) {
+ cmd.push_back(fsPath);
+
+ int rc = android::vold::ForkExecvp(cmd);
+ if (rc < 0) {
SLOGE("Filesystem format failed due to logwrap error");
errno = EIO;
return -1;
}
- if (!WIFEXITED(status)) {
- SLOGE("Filesystem format did not exit properly");
- errno = EIO;
- return -1;
- }
-
- status = WEXITSTATUS(status);
-
- if (status == 0) {
+ if (rc == 0) {
SLOGI("Filesystem formatted OK");
return 0;
} else {
- SLOGE("Format failed (unknown exit code %d)", status);
+ SLOGE("Format failed (unknown exit code %d)", rc);
errno = EIO;
return -1;
}
@@ -229,7 +208,7 @@
void Fat::wipe(const char *fsPath, unsigned int numSectors) {
unsigned long long range[2];
- int fd = open(fsPath, O_RDWR);
+ int fd = open(fsPath, O_RDWR | O_CLOEXEC);
if (fd == -1) {
SLOGE("Fat wipe failed to open device %s", fsPath);
return;
diff --git a/Loop.cpp b/Loop.cpp
index b1e9f6a..8872d7a 100644
--- a/Loop.cpp
+++ b/Loop.cpp
@@ -49,7 +49,7 @@
sprintf(filename, "/dev/block/loop%d", i);
- if ((fd = open(filename, O_RDWR)) < 0) {
+ if ((fd = open(filename, O_RDWR | O_CLOEXEC)) < 0) {
if (errno != ENOENT) {
SLOGE("Unable to open %s (%s)", filename, strerror(errno));
} else {
@@ -93,7 +93,7 @@
sprintf(filename, "/dev/block/loop%d", i);
- if ((fd = open(filename, O_RDWR)) < 0) {
+ if ((fd = open(filename, O_RDWR | O_CLOEXEC)) < 0) {
if (errno != ENOENT) {
SLOGE("Unable to open %s (%s)", filename, strerror(errno));
} else {
@@ -168,7 +168,7 @@
setfscreatecon(NULL);
}
- if ((fd = open(filename, O_RDWR)) < 0) {
+ if ((fd = open(filename, O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Unable to open %s (%s)", filename, strerror(errno));
return -1;
}
@@ -196,7 +196,7 @@
int file_fd;
- if ((file_fd = open(loopFile, O_RDWR)) < 0) {
+ if ((file_fd = open(loopFile, O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Unable to open %s (%s)", loopFile, strerror(errno));
close(fd);
return -1;
@@ -231,7 +231,7 @@
int Loop::destroyByDevice(const char *loopDevice) {
int device_fd;
- device_fd = open(loopDevice, O_RDONLY);
+ device_fd = open(loopDevice, O_RDONLY | O_CLOEXEC);
if (device_fd < 0) {
SLOGE("Failed to open loop (%d)", errno);
return -1;
@@ -272,7 +272,7 @@
int Loop::resizeImageFile(const char *file, unsigned int numSectors) {
int fd;
- if ((fd = open(file, O_RDWR)) < 0) {
+ if ((fd = open(file, O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Error opening imagefile (%s)", strerror(errno));
return -1;
}
@@ -301,7 +301,7 @@
int fd;
struct asec_superblock buffer;
- if ((fd = open(loopDevice, O_RDONLY)) < 0) {
+ if ((fd = open(loopDevice, O_RDONLY | O_CLOEXEC)) < 0) {
SLOGE("Failed to open loopdevice (%s)", strerror(errno));
destroyByDevice(loopDevice);
return -1;
diff --git a/MoveTask.cpp b/MoveTask.cpp
new file mode 100644
index 0000000..e0eec12
--- /dev/null
+++ b/MoveTask.cpp
@@ -0,0 +1,217 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "MoveTask.h"
+#include "Utils.h"
+#include "VolumeManager.h"
+#include "ResponseCode.h"
+
+#include <base/stringprintf.h>
+#include <base/logging.h>
+#include <private/android_filesystem_config.h>
+
+#include <dirent.h>
+#include <sys/wait.h>
+
+#define CONSTRAIN(amount, low, high) (amount < low ? low : (amount > high ? high : amount))
+
+using android::base::StringPrintf;
+
+namespace android {
+namespace vold {
+
+// TODO: keep in sync with PackageManager
+static const int kMoveSucceeded = -100;
+static const int kMoveFailedInternalError = -6;
+
+static const char* kCpPath = "/system/bin/cp";
+static const char* kRmPath = "/system/bin/rm";
+
+MoveTask::MoveTask(const std::shared_ptr<VolumeBase>& from,
+ const std::shared_ptr<VolumeBase>& to) :
+ mFrom(from), mTo(to) {
+}
+
+MoveTask::~MoveTask() {
+}
+
+void MoveTask::start() {
+ mThread = std::thread(&MoveTask::run, this);
+}
+
+static void notifyProgress(int progress) {
+ VolumeManager::Instance()->getBroadcaster()->sendBroadcast(ResponseCode::MoveStatus,
+ StringPrintf("%d", progress).c_str(), false);
+}
+
+static status_t pushBackContents(const std::string& path, std::vector<std::string>& cmd) {
+ DIR* dir = opendir(path.c_str());
+ if (dir == NULL) {
+ return -1;
+ }
+ bool found = false;
+ struct dirent* ent;
+ while ((ent = readdir(dir)) != NULL) {
+ if ((!strcmp(ent->d_name, ".")) || (!strcmp(ent->d_name, ".."))) {
+ continue;
+ }
+ cmd.push_back(StringPrintf("%s/%s", path.c_str(), ent->d_name));
+ found = true;
+ }
+ closedir(dir);
+ return found ? OK : -1;
+}
+
+static status_t execRm(const std::string& path, int startProgress, int stepProgress) {
+ notifyProgress(startProgress);
+
+ uint64_t expectedBytes = GetTreeBytes(path);
+ uint64_t startFreeBytes = GetFreeBytes(path);
+
+ std::vector<std::string> cmd;
+ cmd.push_back(kRmPath);
+ cmd.push_back("-f"); /* force: remove without confirmation, no error if it doesn't exist */
+ cmd.push_back("-R"); /* recursive: remove directory contents */
+ if (pushBackContents(path, cmd) != OK) {
+ LOG(WARNING) << "No contents in " << path;
+ return OK;
+ }
+
+ pid_t pid = ForkExecvpAsync(cmd);
+ if (pid == -1) return -1;
+
+ int status;
+ while (true) {
+ if (waitpid(pid, &status, WNOHANG) == pid) {
+ if (WIFEXITED(status)) {
+ LOG(DEBUG) << "Finished rm with status " << WEXITSTATUS(status);
+ return (WEXITSTATUS(status) == 0) ? OK : -1;
+ } else {
+ break;
+ }
+ }
+
+ sleep(1);
+ uint64_t deltaFreeBytes = GetFreeBytes(path) - startFreeBytes;
+ notifyProgress(startProgress + CONSTRAIN((int)
+ ((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress));
+ }
+ return -1;
+}
+
+static status_t execCp(const std::string& fromPath, const std::string& toPath,
+ int startProgress, int stepProgress) {
+ notifyProgress(startProgress);
+
+ uint64_t expectedBytes = GetTreeBytes(fromPath);
+ uint64_t startFreeBytes = GetFreeBytes(toPath);
+
+ std::vector<std::string> cmd;
+ cmd.push_back(kCpPath);
+ cmd.push_back("-p"); /* preserve timestamps, ownership, and permissions */
+ cmd.push_back("-R"); /* recurse into subdirectories (DEST must be a directory) */
+ cmd.push_back("-P"); /* Do not follow symlinks [default] */
+ cmd.push_back("-d"); /* don't dereference symlinks */
+ if (pushBackContents(fromPath, cmd) != OK) {
+ LOG(WARNING) << "No contents in " << fromPath;
+ return OK;
+ }
+ cmd.push_back(toPath.c_str());
+
+ pid_t pid = ForkExecvpAsync(cmd);
+ if (pid == -1) return -1;
+
+ int status;
+ while (true) {
+ if (waitpid(pid, &status, WNOHANG) == pid) {
+ if (WIFEXITED(status)) {
+ LOG(DEBUG) << "Finished cp with status " << WEXITSTATUS(status);
+ return (WEXITSTATUS(status) == 0) ? OK : -1;
+ } else {
+ break;
+ }
+ }
+
+ sleep(1);
+ uint64_t deltaFreeBytes = startFreeBytes - GetFreeBytes(toPath);
+ notifyProgress(startProgress + CONSTRAIN((int)
+ ((deltaFreeBytes * stepProgress) / expectedBytes), 0, stepProgress));
+ }
+ return -1;
+}
+
+static void bringOffline(const std::shared_ptr<VolumeBase>& vol) {
+ vol->destroy();
+ vol->setSilent(true);
+ vol->create();
+ vol->setMountFlags(0);
+ vol->mount();
+}
+
+static void bringOnline(const std::shared_ptr<VolumeBase>& vol) {
+ vol->destroy();
+ vol->setSilent(false);
+ vol->create();
+}
+
+void MoveTask::run() {
+ std::string fromPath;
+ std::string toPath;
+
+ // TODO: add support for public volumes
+ if (mFrom->getType() != VolumeBase::Type::kEmulated) goto fail;
+ if (mTo->getType() != VolumeBase::Type::kEmulated) goto fail;
+
+ // Step 1: tear down volumes and mount silently without making
+ // visible to userspace apps
+ bringOffline(mFrom);
+ bringOffline(mTo);
+
+ fromPath = mFrom->getInternalPath();
+ toPath = mTo->getInternalPath();
+
+ // Step 2: clean up any stale data
+ if (execRm(toPath, 10, 10) != OK) {
+ goto fail;
+ }
+
+ // Step 3: perform actual copy
+ if (execCp(fromPath, toPath, 20, 60) != OK) {
+ goto fail;
+ }
+
+ // NOTE: MountService watches for this magic value to know
+ // that move was successful
+ notifyProgress(82);
+ bringOnline(mFrom);
+ bringOnline(mTo);
+
+ // Step 4: clean up old data
+ if (execRm(fromPath, 85, 15) != OK) {
+ goto fail;
+ }
+
+ notifyProgress(kMoveSucceeded);
+ return;
+fail:
+ bringOnline(mFrom);
+ bringOnline(mTo);
+ notifyProgress(kMoveFailedInternalError);
+ return;
+}
+
+} // namespace vold
+} // namespace android
diff --git a/MoveTask.h b/MoveTask.h
new file mode 100644
index 0000000..b1777c0
--- /dev/null
+++ b/MoveTask.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_VOLD_MOVE_TASK_H
+#define ANDROID_VOLD_MOVE_TASK_H
+
+#include "Utils.h"
+#include "VolumeBase.h"
+
+#include <thread>
+
+namespace android {
+namespace vold {
+
+class MoveTask {
+public:
+ MoveTask(const std::shared_ptr<VolumeBase>& from, const std::shared_ptr<VolumeBase>& to);
+ virtual ~MoveTask();
+
+ void start();
+
+private:
+ std::shared_ptr<VolumeBase> mFrom;
+ std::shared_ptr<VolumeBase> mTo;
+ std::thread mThread;
+
+ void run();
+
+ DISALLOW_COPY_AND_ASSIGN(MoveTask);
+};
+
+} // namespace vold
+} // namespace android
+
+#endif
diff --git a/NetlinkManager.cpp b/NetlinkManager.cpp
index d2e16b2..b5069a6 100644
--- a/NetlinkManager.cpp
+++ b/NetlinkManager.cpp
@@ -58,8 +58,8 @@
nladdr.nl_pid = getpid();
nladdr.nl_groups = 0xffffffff;
- if ((mSock = socket(PF_NETLINK,
- SOCK_DGRAM,NETLINK_KOBJECT_UEVENT)) < 0) {
+ if ((mSock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC,
+ NETLINK_KOBJECT_UEVENT)) < 0) {
SLOGE("Unable to create uevent socket: %s", strerror(errno));
return -1;
}
diff --git a/PrivateVolume.cpp b/PrivateVolume.cpp
new file mode 100644
index 0000000..ff2c7b3
--- /dev/null
+++ b/PrivateVolume.cpp
@@ -0,0 +1,159 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Ext4.h"
+#include "PrivateVolume.h"
+#include "EmulatedVolume.h"
+#include "Utils.h"
+#include "VolumeManager.h"
+#include "ResponseCode.h"
+#include "cryptfs.h"
+
+#include <base/stringprintf.h>
+#include <base/logging.h>
+#include <cutils/fs.h>
+#include <private/android_filesystem_config.h>
+
+#include <fcntl.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <sys/param.h>
+
+using android::base::StringPrintf;
+
+namespace android {
+namespace vold {
+
+PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw) :
+ VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
+ setId(StringPrintf("private:%u,%u", major(device), minor(device)));
+ mRawDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
+}
+
+PrivateVolume::~PrivateVolume() {
+}
+
+status_t PrivateVolume::readMetadata() {
+ status_t res = ReadMetadata(mDmDevPath, mFsType, mFsUuid, mFsLabel);
+ notifyEvent(ResponseCode::VolumeFsTypeChanged, mFsType);
+ notifyEvent(ResponseCode::VolumeFsUuidChanged, mFsUuid);
+ notifyEvent(ResponseCode::VolumeFsLabelChanged, mFsLabel);
+ return res;
+}
+
+status_t PrivateVolume::doCreate() {
+ if (CreateDeviceNode(mRawDevPath, mRawDevice)) {
+ return -EIO;
+ }
+
+ // Recover from stale vold by tearing down any old mappings
+ cryptfs_revert_ext_volume(getId().c_str());
+
+ // TODO: figure out better SELinux labels for private volumes
+
+ unsigned char* key = (unsigned char*) mKeyRaw.data();
+ char crypto_blkdev[MAXPATHLEN];
+ int res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(),
+ key, mKeyRaw.size(), crypto_blkdev);
+ mDmDevPath = crypto_blkdev;
+ if (res != 0) {
+ PLOG(ERROR) << getId() << " failed to setup cryptfs";
+ return -EIO;
+ }
+
+ return OK;
+}
+
+status_t PrivateVolume::doDestroy() {
+ if (cryptfs_revert_ext_volume(getId().c_str())) {
+ LOG(ERROR) << getId() << " failed to revert cryptfs";
+ }
+ return DestroyDeviceNode(mRawDevPath);
+}
+
+status_t PrivateVolume::doMount() {
+ if (readMetadata()) {
+ LOG(ERROR) << getId() << " failed to read metadata";
+ return -EIO;
+ }
+
+ mPath = StringPrintf("/mnt/expand/%s", mFsUuid.c_str());
+ setPath(mPath);
+
+ if (PrepareDir(mPath, 0700, AID_ROOT, AID_ROOT)) {
+ PLOG(ERROR) << getId() << " failed to create mount point " << mPath;
+ return -EIO;
+ }
+
+ int res = Ext4::check(mDmDevPath.c_str(), mPath.c_str());
+ if (res == 0 || res == 1) {
+ LOG(DEBUG) << getId() << " passed filesystem check";
+ } else {
+ PLOG(ERROR) << getId() << " failed filesystem check";
+ return -EIO;
+ }
+
+ if (Ext4::doMount(mDmDevPath.c_str(), mPath.c_str(), false, false, true)) {
+ PLOG(ERROR) << getId() << " failed to mount";
+ return -EIO;
+ }
+
+ // Verify that common directories are ready to roll
+ if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
+ PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) ||
+ PrepareDir(mPath + "/local/tmp", 0771, AID_SHELL, AID_SHELL)) {
+ PLOG(ERROR) << getId() << " failed to prepare";
+ return -EIO;
+ }
+
+ // Create a new emulated volume stacked above us, it will automatically
+ // be destroyed during unmount
+ std::string mediaPath(mPath + "/media");
+ auto vol = std::shared_ptr<VolumeBase>(
+ new EmulatedVolume(mediaPath, mRawDevice, mFsUuid));
+ addVolume(vol);
+ vol->create();
+
+ return OK;
+}
+
+status_t PrivateVolume::doUnmount() {
+ ForceUnmount(mPath);
+
+ if (TEMP_FAILURE_RETRY(rmdir(mPath.c_str()))) {
+ PLOG(ERROR) << getId() << " failed to rmdir mount point " << mPath;
+ }
+
+ return OK;
+}
+
+status_t PrivateVolume::doFormat() {
+ // TODO: change mountpoint once we have selinux labels
+ if (Ext4::format(mDmDevPath.c_str(), 0, "/data")) {
+ PLOG(ERROR) << getId() << " failed to format";
+ return -EIO;
+ }
+
+ return OK;
+}
+
+} // namespace vold
+} // namespace android
diff --git a/PrivateVolume.h b/PrivateVolume.h
new file mode 100644
index 0000000..bd464e6
--- /dev/null
+++ b/PrivateVolume.h
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_VOLD_PRIVATE_VOLUME_H
+#define ANDROID_VOLD_PRIVATE_VOLUME_H
+
+#include "VolumeBase.h"
+
+#include <cutils/multiuser.h>
+
+namespace android {
+namespace vold {
+
+/*
+ * Private storage provided by an encrypted partition.
+ *
+ * Given a raw block device, it knows how to wrap it in dm-crypt and
+ * format as ext4/f2fs. EmulatedVolume can be stacked above it.
+ *
+ * This volume is designed to behave much like the internal /data
+ * partition, both in layout and function. For example, apps and
+ * private app data can be safely stored on this volume because the
+ * keys are tightly tied to this device.
+ */
+class PrivateVolume : public VolumeBase {
+public:
+ PrivateVolume(dev_t device, const std::string& keyRaw);
+ virtual ~PrivateVolume();
+
+protected:
+ status_t doCreate() override;
+ status_t doDestroy() override;
+ status_t doMount() override;
+ status_t doUnmount() override;
+ status_t doFormat() override;
+
+ status_t readMetadata();
+
+private:
+ /* Kernel device of raw, encrypted partition */
+ dev_t mRawDevice;
+ /* Path to raw, encrypted block device */
+ std::string mRawDevPath;
+ /* Path to decrypted block device */
+ std::string mDmDevPath;
+ /* Path where decrypted device is mounted */
+ std::string mPath;
+
+ /* Encryption key as raw bytes */
+ std::string mKeyRaw;
+
+ /* Filesystem type */
+ std::string mFsType;
+ /* Filesystem UUID */
+ std::string mFsUuid;
+ /* User-visible filesystem label */
+ std::string mFsLabel;
+
+ DISALLOW_COPY_AND_ASSIGN(PrivateVolume);
+};
+
+} // namespace vold
+} // namespace android
+
+#endif
diff --git a/Process.cpp b/Process.cpp
index cc06998..a6f0cc6 100644
--- a/Process.cpp
+++ b/Process.cpp
@@ -66,7 +66,7 @@
void Process::getProcessName(int pid, char *buffer, size_t max) {
int fd;
snprintf(buffer, max, "/proc/%d/cmdline", pid);
- fd = open(buffer, O_RDONLY);
+ fd = open(buffer, O_RDONLY | O_CLOEXEC);
if (fd < 0) {
strcpy(buffer, "???");
} else {
@@ -170,18 +170,14 @@
return result;
}
-extern "C" void vold_killProcessesWithOpenFiles(const char *path, int action) {
- Process::killProcessesWithOpenFiles(path, action);
+extern "C" void vold_killProcessesWithOpenFiles(const char *path, int signal) {
+ Process::killProcessesWithOpenFiles(path, signal);
}
/*
* Hunt down processes that have files open at the given mount point.
- * action = 0 to just warn,
- * action = 1 to SIGHUP,
- * action = 2 to SIGKILL
*/
-// hunt down and kill processes that have files open on the given mount point
-void Process::killProcessesWithOpenFiles(const char *path, int action) {
+void Process::killProcessesWithOpenFiles(const char *path, int signal) {
DIR* dir;
struct dirent* de;
@@ -213,12 +209,10 @@
} else {
continue;
}
- if (action == 1) {
- SLOGW("Sending SIGHUP to process %d", pid);
- kill(pid, SIGTERM);
- } else if (action == 2) {
- SLOGE("Sending SIGKILL to process %d", pid);
- kill(pid, SIGKILL);
+
+ if (signal != 0) {
+ SLOGW("Sending %s to process %d", strsignal(signal), pid);
+ kill(pid, signal);
}
}
closedir(dir);
diff --git a/Process.h b/Process.h
index e745ca4..81b5f18 100644
--- a/Process.h
+++ b/Process.h
@@ -21,7 +21,7 @@
class Process {
public:
- static void killProcessesWithOpenFiles(const char *path, int action);
+ static void killProcessesWithOpenFiles(const char *path, int signal);
static int getPid(const char *s);
static int checkSymLink(int pid, const char *path, const char *name);
static int checkFileMaps(int pid, const char *path);
@@ -36,7 +36,7 @@
extern "C" {
#endif /* __cplusplus */
- void vold_killProcessesWithOpenFiles(const char *path, int action);
+ void vold_killProcessesWithOpenFiles(const char *path, int signal);
#ifdef __cplusplus
}
#endif
diff --git a/PublicVolume.cpp b/PublicVolume.cpp
new file mode 100644
index 0000000..025d2eb
--- /dev/null
+++ b/PublicVolume.cpp
@@ -0,0 +1,211 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Fat.h"
+#include "PublicVolume.h"
+#include "Utils.h"
+#include "VolumeManager.h"
+#include "ResponseCode.h"
+
+#include <base/stringprintf.h>
+#include <base/logging.h>
+#include <cutils/fs.h>
+#include <private/android_filesystem_config.h>
+
+#include <fcntl.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+using android::base::StringPrintf;
+
+namespace android {
+namespace vold {
+
+static const char* kFusePath = "/system/bin/sdcard";
+
+static const char* kAsecPath = "/mnt/secure/asec";
+
+PublicVolume::PublicVolume(dev_t device) :
+ VolumeBase(Type::kPublic), mDevice(device), mFusePid(0) {
+ setId(StringPrintf("public:%u,%u", major(device), minor(device)));
+ mDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
+}
+
+PublicVolume::~PublicVolume() {
+}
+
+status_t PublicVolume::readMetadata() {
+ status_t res = ReadMetadataUntrusted(mDevPath, mFsType, mFsUuid, mFsLabel);
+ notifyEvent(ResponseCode::VolumeFsTypeChanged, mFsType);
+ notifyEvent(ResponseCode::VolumeFsUuidChanged, mFsUuid);
+ notifyEvent(ResponseCode::VolumeFsLabelChanged, mFsLabel);
+ return res;
+}
+
+status_t PublicVolume::initAsecStage() {
+ std::string legacyPath(mRawPath + "/android_secure");
+ std::string securePath(mRawPath + "/.android_secure");
+
+ // Recover legacy secure path
+ if (!access(legacyPath.c_str(), R_OK | X_OK)
+ && access(securePath.c_str(), R_OK | X_OK)) {
+ if (rename(legacyPath.c_str(), securePath.c_str())) {
+ PLOG(WARNING) << getId() << " failed to rename legacy ASEC dir";
+ }
+ }
+
+ if (TEMP_FAILURE_RETRY(mkdir(securePath.c_str(), 0700))) {
+ if (errno != EEXIST) {
+ PLOG(WARNING) << getId() << " creating ASEC stage failed";
+ return -errno;
+ }
+ }
+
+ BindMount(securePath, kAsecPath);
+
+ return OK;
+}
+
+status_t PublicVolume::doCreate() {
+ return CreateDeviceNode(mDevPath, mDevice);
+}
+
+status_t PublicVolume::doDestroy() {
+ return DestroyDeviceNode(mDevPath);
+}
+
+status_t PublicVolume::doMount() {
+ // TODO: expand to support mounting other filesystems
+ readMetadata();
+
+ if (Fat::check(mDevPath.c_str())) {
+ LOG(ERROR) << getId() << " failed filesystem check";
+ return -EIO;
+ }
+
+ // Use UUID as stable name, if available
+ std::string stableName = getId();
+ if (!mFsUuid.empty()) {
+ stableName = mFsUuid;
+ }
+
+ mRawPath = StringPrintf("/mnt/media_rw/%s", stableName.c_str());
+ mFusePath = StringPrintf("/storage/%s", stableName.c_str());
+ setPath(mFusePath);
+
+ if (fs_prepare_dir(mRawPath.c_str(), 0700, AID_ROOT, AID_ROOT)) {
+ PLOG(ERROR) << getId() << " failed to create mount point " << mRawPath;
+ return -errno;
+ }
+ if (fs_prepare_dir(mFusePath.c_str(), 0700, AID_ROOT, AID_ROOT)) {
+ PLOG(ERROR) << getId() << " failed to create mount point " << mFusePath;
+ return -errno;
+ }
+
+ if (Fat::doMount(mDevPath.c_str(), mRawPath.c_str(), false, false, false,
+ AID_MEDIA_RW, AID_MEDIA_RW, 0007, true)) {
+ PLOG(ERROR) << getId() << " failed to mount " << mDevPath;
+ return -EIO;
+ }
+
+ if (getMountFlags() & MountFlags::kPrimary) {
+ initAsecStage();
+ }
+
+ // TODO: teach FUSE daemon to protect itself with user-specific GID
+ if (!(mFusePid = fork())) {
+ if (!(getMountFlags() & MountFlags::kVisible)) {
+ // TODO: mount so that only system apps can access
+ if (execl(kFusePath, kFusePath,
+ "-u", "1023", // AID_MEDIA_RW
+ "-g", "1023", // AID_MEDIA_RW
+ mRawPath.c_str(),
+ mFusePath.c_str(),
+ NULL)) {
+ PLOG(ERROR) << "Failed to exec";
+ }
+ } else if (getMountFlags() & MountFlags::kPrimary) {
+ if (execl(kFusePath, kFusePath,
+ "-u", "1023", // AID_MEDIA_RW
+ "-g", "1023", // AID_MEDIA_RW
+ "-d",
+ mRawPath.c_str(),
+ mFusePath.c_str(),
+ NULL)) {
+ PLOG(ERROR) << "Failed to exec";
+ }
+ } else {
+ if (execl(kFusePath, kFusePath,
+ "-u", "1023", // AID_MEDIA_RW
+ "-g", "1023", // AID_MEDIA_RW
+ "-w", "1023", // AID_MEDIA_RW
+ "-d",
+ mRawPath.c_str(),
+ mFusePath.c_str(),
+ NULL)) {
+ PLOG(ERROR) << "Failed to exec";
+ }
+ }
+
+ PLOG(DEBUG) << "FUSE exiting";
+ _exit(1);
+ }
+
+ if (mFusePid == -1) {
+ PLOG(ERROR) << getId() << " failed to fork";
+ return -errno;
+ }
+
+ return OK;
+}
+
+status_t PublicVolume::doUnmount() {
+ if (mFusePid > 0) {
+ kill(mFusePid, SIGTERM);
+ TEMP_FAILURE_RETRY(waitpid(mFusePid, nullptr, 0));
+ mFusePid = 0;
+ }
+
+ ForceUnmount(kAsecPath);
+ ForceUnmount(mFusePath);
+ ForceUnmount(mRawPath);
+
+ if (TEMP_FAILURE_RETRY(rmdir(mRawPath.c_str()))) {
+ PLOG(ERROR) << getId() << " failed to rmdir mount point " << mRawPath;
+ }
+ if (TEMP_FAILURE_RETRY(rmdir(mFusePath.c_str()))) {
+ PLOG(ERROR) << getId() << " failed to rmdir mount point " << mFusePath;
+ }
+
+ mFusePath.clear();
+ mRawPath.clear();
+
+ return OK;
+}
+
+status_t PublicVolume::doFormat() {
+ if (Fat::format(mDevPath.c_str(), 0, true)) {
+ LOG(ERROR) << getId() << " failed to format";
+ return -errno;
+ }
+ return OK;
+}
+
+} // namespace vold
+} // namespace android
diff --git a/PublicVolume.h b/PublicVolume.h
new file mode 100644
index 0000000..45313ec
--- /dev/null
+++ b/PublicVolume.h
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_VOLD_PUBLIC_VOLUME_H
+#define ANDROID_VOLD_PUBLIC_VOLUME_H
+
+#include "VolumeBase.h"
+
+#include <cutils/multiuser.h>
+
+namespace android {
+namespace vold {
+
+/*
+ * Shared storage provided by public (vfat) partition.
+ *
+ * Knows how to mount itself and then spawn a FUSE daemon to synthesize
+ * permissions. AsecVolume and ObbVolume can be stacked above it.
+ *
+ * This volume is not inherently multi-user aware, so it has two possible
+ * modes of operation:
+ * 1. If primary storage for the device, it only binds itself to the
+ * owner user.
+ * 2. If secondary storage, it binds itself for all users, but masks
+ * away the Android directory for secondary users.
+ */
+class PublicVolume : public VolumeBase {
+public:
+ explicit PublicVolume(dev_t device);
+ virtual ~PublicVolume();
+
+protected:
+ status_t doCreate() override;
+ status_t doDestroy() override;
+ status_t doMount() override;
+ status_t doUnmount() override;
+ status_t doFormat() override;
+
+ status_t readMetadata();
+ status_t initAsecStage();
+
+private:
+ /* Kernel device representing partition */
+ dev_t mDevice;
+ /* Block device path */
+ std::string mDevPath;
+ /* Mount point of raw partition */
+ std::string mRawPath;
+ /* Mount point of FUSE wrapper */
+ std::string mFusePath;
+ /* PID of FUSE wrapper */
+ pid_t mFusePid;
+
+ /* Filesystem type */
+ std::string mFsType;
+ /* Filesystem UUID */
+ std::string mFsUuid;
+ /* User-visible filesystem label */
+ std::string mFsLabel;
+
+ DISALLOW_COPY_AND_ASSIGN(PublicVolume);
+};
+
+} // namespace vold
+} // namespace android
+
+#endif
diff --git a/ResponseCode.h b/ResponseCode.h
index 0dc0500..a975982 100644
--- a/ResponseCode.h
+++ b/ResponseCode.h
@@ -66,6 +66,23 @@
static const int VolumeDiskRemoved = 631;
static const int VolumeBadRemoval = 632;
+ static const int DiskCreated = 640;
+ static const int DiskSizeChanged = 641;
+ static const int DiskLabelChanged = 642;
+ static const int DiskScanned = 643;
+ static const int DiskDestroyed = 649;
+
+ static const int VolumeCreated = 650;
+ static const int VolumeStateChanged = 651;
+ static const int VolumeFsTypeChanged = 652;
+ static const int VolumeFsUuidChanged = 653;
+ static const int VolumeFsLabelChanged = 654;
+ static const int VolumePathChanged = 655;
+ static const int VolumeInternalPathChanged = 656;
+ static const int VolumeDestroyed = 659;
+
+ static const int MoveStatus = 660;
+
static int convertFromErrno();
};
#endif
diff --git a/Utils.cpp b/Utils.cpp
new file mode 100644
index 0000000..f45907a
--- /dev/null
+++ b/Utils.cpp
@@ -0,0 +1,467 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "sehandle.h"
+#include "Utils.h"
+#include "Process.h"
+
+#include <base/logging.h>
+#include <base/stringprintf.h>
+#include <cutils/fs.h>
+#include <private/android_filesystem_config.h>
+#include <logwrap/logwrap.h>
+
+#include <mutex>
+#include <dirent.h>
+#include <fcntl.h>
+#include <linux/fs.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <sys/statvfs.h>
+
+#ifndef UMOUNT_NOFOLLOW
+#define UMOUNT_NOFOLLOW 0x00000008 /* Don't follow symlink on umount */
+#endif
+
+using android::base::StringPrintf;
+
+namespace android {
+namespace vold {
+
+security_context_t sBlkidContext = nullptr;
+security_context_t sBlkidUntrustedContext = nullptr;
+security_context_t sFsckContext = nullptr;
+security_context_t sFsckUntrustedContext = nullptr;
+
+static const char* kBlkidPath = "/system/bin/blkid";
+
+status_t CreateDeviceNode(const std::string& path, dev_t dev) {
+ const char* cpath = path.c_str();
+ status_t res = 0;
+
+ char* secontext = nullptr;
+ if (sehandle) {
+ if (!selabel_lookup(sehandle, &secontext, cpath, S_IFBLK)) {
+ setfscreatecon(secontext);
+ }
+ }
+
+ mode_t mode = 0660 | S_IFBLK;
+ if (mknod(cpath, mode, dev) < 0) {
+ if (errno != EEXIST) {
+ PLOG(ERROR) << "Failed to create device node for " << major(dev)
+ << ":" << minor(dev) << " at " << path;
+ res = -errno;
+ }
+ }
+
+ if (secontext) {
+ setfscreatecon(nullptr);
+ freecon(secontext);
+ }
+
+ return res;
+}
+
+status_t DestroyDeviceNode(const std::string& path) {
+ const char* cpath = path.c_str();
+ if (TEMP_FAILURE_RETRY(unlink(cpath))) {
+ return -errno;
+ } else {
+ return OK;
+ }
+}
+
+status_t PrepareDir(const std::string& path, mode_t mode, uid_t uid, gid_t gid) {
+ const char* cpath = path.c_str();
+
+ char* secontext = nullptr;
+ if (sehandle) {
+ if (!selabel_lookup(sehandle, &secontext, cpath, S_IFDIR)) {
+ setfscreatecon(secontext);
+ }
+ }
+
+ int res = fs_prepare_dir(cpath, mode, uid, gid);
+
+ if (secontext) {
+ setfscreatecon(nullptr);
+ freecon(secontext);
+ }
+
+ if (res == 0) {
+ return OK;
+ } else {
+ return -errno;
+ }
+}
+
+status_t ForceUnmount(const std::string& path) {
+ const char* cpath = path.c_str();
+ if (!umount2(cpath, UMOUNT_NOFOLLOW) || errno == EINVAL || errno == ENOENT) {
+ return OK;
+ }
+ PLOG(WARNING) << "Failed to unmount " << path;
+
+ sleep(5);
+ Process::killProcessesWithOpenFiles(cpath, SIGINT);
+
+ if (!umount2(cpath, UMOUNT_NOFOLLOW) || errno == EINVAL || errno == ENOENT) {
+ return OK;
+ }
+ PLOG(WARNING) << "Failed to unmount " << path;
+
+ sleep(5);
+ Process::killProcessesWithOpenFiles(cpath, SIGTERM);
+
+ if (!umount2(cpath, UMOUNT_NOFOLLOW) || errno == EINVAL || errno == ENOENT) {
+ return OK;
+ }
+ PLOG(WARNING) << "Failed to unmount " << path;
+
+ sleep(5);
+ Process::killProcessesWithOpenFiles(cpath, SIGKILL);
+
+ if (!umount2(cpath, UMOUNT_NOFOLLOW) || errno == EINVAL || errno == ENOENT) {
+ return OK;
+ }
+ PLOG(ERROR) << "Failed to unmount " << path;
+
+ return -errno;
+}
+
+status_t BindMount(const std::string& source, const std::string& target) {
+ if (::mount(source.c_str(), target.c_str(), "", MS_BIND, NULL)) {
+ PLOG(ERROR) << "Failed to bind mount " << source << " to " << target;
+ return -errno;
+ }
+ return OK;
+}
+
+static status_t readMetadata(const std::string& path, std::string& fsType,
+ std::string& fsUuid, std::string& fsLabel, bool untrusted) {
+ fsType.clear();
+ fsUuid.clear();
+ fsLabel.clear();
+
+ std::vector<std::string> cmd;
+ cmd.push_back(kBlkidPath);
+ cmd.push_back("-c");
+ cmd.push_back("/dev/null");
+ cmd.push_back(path);
+
+ std::vector<std::string> output;
+ status_t res = ForkExecvp(cmd, output, untrusted ? sBlkidUntrustedContext : sBlkidContext);
+ if (res != OK) {
+ LOG(WARNING) << "blkid failed to identify " << path;
+ return res;
+ }
+
+ char value[128];
+ for (auto line : output) {
+ // Extract values from blkid output, if defined
+ const char* cline = line.c_str();
+ char* start = strstr(cline, "TYPE=");
+ if (start != nullptr && sscanf(start + 5, "\"%127[^\"]\"", value) == 1) {
+ fsType = value;
+ }
+
+ start = strstr(cline, "UUID=");
+ if (start != nullptr && sscanf(start + 5, "\"%127[^\"]\"", value) == 1) {
+ fsUuid = value;
+ }
+
+ start = strstr(cline, "LABEL=");
+ if (start != nullptr && sscanf(start + 6, "\"%127[^\"]\"", value) == 1) {
+ fsLabel = value;
+ }
+ }
+
+ return OK;
+}
+
+status_t ReadMetadata(const std::string& path, std::string& fsType,
+ std::string& fsUuid, std::string& fsLabel) {
+ return readMetadata(path, fsType, fsUuid, fsLabel, false);
+}
+
+status_t ReadMetadataUntrusted(const std::string& path, std::string& fsType,
+ std::string& fsUuid, std::string& fsLabel) {
+ return readMetadata(path, fsType, fsUuid, fsLabel, true);
+}
+
+status_t ForkExecvp(const std::vector<std::string>& args) {
+ return ForkExecvp(args, nullptr);
+}
+
+status_t ForkExecvp(const std::vector<std::string>& args, security_context_t context) {
+ size_t argc = args.size();
+ char** argv = (char**) calloc(argc, sizeof(char*));
+ for (size_t i = 0; i < argc; i++) {
+ argv[i] = (char*) args[i].c_str();
+ if (i == 0) {
+ LOG(VERBOSE) << args[i];
+ } else {
+ LOG(VERBOSE) << " " << args[i];
+ }
+ }
+
+ if (setexeccon(context)) {
+ LOG(ERROR) << "Failed to setexeccon";
+ abort();
+ }
+ status_t res = android_fork_execvp(argc, argv, NULL, false, true);
+ if (setexeccon(nullptr)) {
+ LOG(ERROR) << "Failed to setexeccon";
+ abort();
+ }
+
+ free(argv);
+ return res;
+}
+
+status_t ForkExecvp(const std::vector<std::string>& args,
+ std::vector<std::string>& output) {
+ return ForkExecvp(args, output, nullptr);
+}
+
+status_t ForkExecvp(const std::vector<std::string>& args,
+ std::vector<std::string>& output, security_context_t context) {
+ std::string cmd;
+ for (size_t i = 0; i < args.size(); i++) {
+ cmd += args[i] + " ";
+ if (i == 0) {
+ LOG(VERBOSE) << args[i];
+ } else {
+ LOG(VERBOSE) << " " << args[i];
+ }
+ }
+ output.clear();
+
+ if (setexeccon(context)) {
+ LOG(ERROR) << "Failed to setexeccon";
+ abort();
+ }
+ FILE* fp = popen(cmd.c_str(), "r");
+ if (setexeccon(nullptr)) {
+ LOG(ERROR) << "Failed to setexeccon";
+ abort();
+ }
+
+ if (!fp) {
+ PLOG(ERROR) << "Failed to popen " << cmd;
+ return -errno;
+ }
+ char line[1024];
+ while (fgets(line, sizeof(line), fp) != nullptr) {
+ LOG(VERBOSE) << line;
+ output.push_back(std::string(line));
+ }
+ if (pclose(fp) != 0) {
+ PLOG(ERROR) << "Failed to pclose " << cmd;
+ return -errno;
+ }
+
+ return OK;
+}
+
+pid_t ForkExecvpAsync(const std::vector<std::string>& args) {
+ size_t argc = args.size();
+ char** argv = (char**) calloc(argc + 1, sizeof(char*));
+ for (size_t i = 0; i < argc; i++) {
+ argv[i] = (char*) args[i].c_str();
+ if (i == 0) {
+ LOG(VERBOSE) << args[i];
+ } else {
+ LOG(VERBOSE) << " " << args[i];
+ }
+ }
+
+ pid_t pid = fork();
+ if (pid == 0) {
+ close(STDIN_FILENO);
+ close(STDOUT_FILENO);
+ close(STDERR_FILENO);
+
+ if (execvp(argv[0], argv)) {
+ PLOG(ERROR) << "Failed to exec";
+ }
+
+ _exit(1);
+ }
+
+ if (pid == -1) {
+ PLOG(ERROR) << "Failed to exec";
+ }
+
+ free(argv);
+ return pid;
+}
+
+status_t ReadRandomBytes(size_t bytes, std::string& out) {
+ out.clear();
+
+ int fd = TEMP_FAILURE_RETRY(open("/dev/urandom", O_RDONLY | O_CLOEXEC | O_NOFOLLOW));
+ if (fd == -1) {
+ return -errno;
+ }
+
+ char buf[BUFSIZ];
+ size_t n;
+ while ((n = TEMP_FAILURE_RETRY(read(fd, &buf[0], std::min(sizeof(buf), bytes)))) > 0) {
+ out.append(buf, n);
+ bytes -= n;
+ }
+ TEMP_FAILURE_RETRY(close(fd));
+
+ if (bytes == 0) {
+ return OK;
+ } else {
+ return -EIO;
+ }
+}
+
+status_t HexToStr(const std::string& hex, std::string& str) {
+ str.clear();
+ bool even = true;
+ char cur = 0;
+ for (size_t i = 0; i < hex.size(); i++) {
+ int val = 0;
+ switch (hex[i]) {
+ case ' ': case '-': case ':': continue;
+ case 'f': case 'F': val = 15; break;
+ case 'e': case 'E': val = 14; break;
+ case 'd': case 'D': val = 13; break;
+ case 'c': case 'C': val = 12; break;
+ case 'b': case 'B': val = 11; break;
+ case 'a': case 'A': val = 10; break;
+ case '9': val = 9; break;
+ case '8': val = 8; break;
+ case '7': val = 7; break;
+ case '6': val = 6; break;
+ case '5': val = 5; break;
+ case '4': val = 4; break;
+ case '3': val = 3; break;
+ case '2': val = 2; break;
+ case '1': val = 1; break;
+ case '0': val = 0; break;
+ default: return -EINVAL;
+ }
+
+ if (even) {
+ cur = val << 4;
+ } else {
+ cur += val;
+ str.push_back(cur);
+ cur = 0;
+ }
+ even = !even;
+ }
+ return even ? OK : -EINVAL;
+}
+
+static const char* kLookup = "0123456789abcdef";
+
+status_t StrToHex(const std::string& str, std::string& hex) {
+ hex.clear();
+ for (size_t i = 0; i < str.size(); i++) {
+ hex.push_back(kLookup[(str[i] & 0xF0) >> 4]);
+ hex.push_back(kLookup[str[i] & 0x0F]);
+ }
+ return OK;
+}
+
+uint64_t GetFreeBytes(const std::string& path) {
+ struct statvfs sb;
+ if (statvfs(path.c_str(), &sb) == 0) {
+ return sb.f_bfree * sb.f_bsize;
+ } else {
+ return -1;
+ }
+}
+
+// TODO: borrowed from frameworks/native/libs/diskusage/ which should
+// eventually be migrated into system/
+static int64_t stat_size(struct stat *s) {
+ int64_t blksize = s->st_blksize;
+ // count actual blocks used instead of nominal file size
+ int64_t size = s->st_blocks * 512;
+
+ if (blksize) {
+ /* round up to filesystem block size */
+ size = (size + blksize - 1) & (~(blksize - 1));
+ }
+
+ return size;
+}
+
+// TODO: borrowed from frameworks/native/libs/diskusage/ which should
+// eventually be migrated into system/
+int64_t calculate_dir_size(int dfd) {
+ int64_t size = 0;
+ struct stat s;
+ DIR *d;
+ struct dirent *de;
+
+ d = fdopendir(dfd);
+ if (d == NULL) {
+ close(dfd);
+ return 0;
+ }
+
+ while ((de = readdir(d))) {
+ const char *name = de->d_name;
+ if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) {
+ size += stat_size(&s);
+ }
+ if (de->d_type == DT_DIR) {
+ int subfd;
+
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0)
+ continue;
+ if ((name[1] == '.') && (name[2] == 0))
+ continue;
+ }
+
+ subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY);
+ if (subfd >= 0) {
+ size += calculate_dir_size(subfd);
+ }
+ }
+ }
+ closedir(d);
+ return size;
+}
+
+uint64_t GetTreeBytes(const std::string& path) {
+ int dirfd = open(path.c_str(), O_DIRECTORY, O_RDONLY);
+ if (dirfd < 0) {
+ PLOG(WARNING) << "Failed to open " << path;
+ return -1;
+ } else {
+ uint64_t res = calculate_dir_size(dirfd);
+ close(dirfd);
+ return res;
+ }
+}
+
+} // namespace vold
+} // namespace android
diff --git a/Utils.h b/Utils.h
new file mode 100644
index 0000000..6ad87ae
--- /dev/null
+++ b/Utils.h
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_VOLD_UTILS_H
+#define ANDROID_VOLD_UTILS_H
+
+#include <utils/Errors.h>
+#include <selinux/selinux.h>
+
+#include <vector>
+#include <string>
+
+// DISALLOW_COPY_AND_ASSIGN disallows the copy and operator= functions. It goes in the private:
+// declarations in a class.
+#if !defined(DISALLOW_COPY_AND_ASSIGN)
+#define DISALLOW_COPY_AND_ASSIGN(TypeName) \
+ TypeName(const TypeName&) = delete; \
+ void operator=(const TypeName&) = delete
+#endif
+
+namespace android {
+namespace vold {
+
+/* SELinux contexts used depending on the block device type */
+extern security_context_t sBlkidContext;
+extern security_context_t sBlkidUntrustedContext;
+extern security_context_t sFsckContext;
+extern security_context_t sFsckUntrustedContext;
+
+status_t CreateDeviceNode(const std::string& path, dev_t dev);
+status_t DestroyDeviceNode(const std::string& path);
+
+/* fs_prepare_dir wrapper that creates with SELinux context */
+status_t PrepareDir(const std::string& path, mode_t mode, uid_t uid, gid_t gid);
+
+/* Really unmounts the path, killing active processes along the way */
+status_t ForceUnmount(const std::string& path);
+
+/* Creates bind mount from source to target */
+status_t BindMount(const std::string& source, const std::string& target);
+
+/* Reads filesystem metadata from device at path */
+status_t ReadMetadata(const std::string& path, std::string& fsType,
+ std::string& fsUuid, std::string& fsLabel);
+
+/* Reads filesystem metadata from untrusted device at path */
+status_t ReadMetadataUntrusted(const std::string& path, std::string& fsType,
+ std::string& fsUuid, std::string& fsLabel);
+
+/* Returns either WEXITSTATUS() status, or a negative errno */
+status_t ForkExecvp(const std::vector<std::string>& args);
+status_t ForkExecvp(const std::vector<std::string>& args, security_context_t context);
+
+status_t ForkExecvp(const std::vector<std::string>& args,
+ std::vector<std::string>& output);
+status_t ForkExecvp(const std::vector<std::string>& args,
+ std::vector<std::string>& output, security_context_t context);
+
+pid_t ForkExecvpAsync(const std::vector<std::string>& args);
+
+status_t ReadRandomBytes(size_t bytes, std::string& out);
+
+/* Converts hex string to raw bytes, ignoring [ :-] */
+status_t HexToStr(const std::string& hex, std::string& str);
+/* Converts raw bytes to hex string */
+status_t StrToHex(const std::string& str, std::string& hex);
+
+uint64_t GetFreeBytes(const std::string& path);
+uint64_t GetTreeBytes(const std::string& path);
+
+} // namespace vold
+} // namespace android
+
+#endif
diff --git a/Volume.cpp b/Volume.cpp
deleted file mode 100644
index ce4ed1e..0000000
--- a/Volume.cpp
+++ /dev/null
@@ -1,707 +0,0 @@
-/*
- * Copyright (C) 2008 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <dirent.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <mntent.h>
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/mman.h>
-#include <sys/mount.h>
-#include <sys/param.h>
-
-#include <linux/kdev_t.h>
-
-#include <cutils/properties.h>
-
-#include <diskconfig/diskconfig.h>
-
-#include <private/android_filesystem_config.h>
-
-#define LOG_TAG "Vold"
-
-#include <cutils/fs.h>
-#include <cutils/log.h>
-
-#include <string>
-
-#include "Volume.h"
-#include "VolumeManager.h"
-#include "ResponseCode.h"
-#include "Fat.h"
-#include "Process.h"
-#include "cryptfs.h"
-#include "sehandle.h"
-
-extern "C" void dos_partition_dec(void const *pp, struct dos_partition *d);
-extern "C" void dos_partition_enc(void *pp, struct dos_partition *d);
-
-
-/*
- * Media directory - stuff that only media_rw user can see
- */
-const char *Volume::MEDIA_DIR = "/mnt/media_rw";
-
-/*
- * Fuse directory - location where fuse wrapped filesystems go
- */
-const char *Volume::FUSE_DIR = "/storage";
-
-/*
- * Path to external storage where *only* root can access ASEC image files
- */
-const char *Volume::SEC_ASECDIR_EXT = "/mnt/secure/asec";
-
-/*
- * Path to internal storage where *only* root can access ASEC image files
- */
-const char *Volume::SEC_ASECDIR_INT = "/data/app-asec";
-
-/*
- * Path to where secure containers are mounted
- */
-const char *Volume::ASECDIR = "/mnt/asec";
-
-/*
- * Path to where OBBs are mounted
- */
-const char *Volume::LOOPDIR = "/mnt/obb";
-
-const char *Volume::BLKID_PATH = "/system/bin/blkid";
-
-static const char *stateToStr(int state) {
- if (state == Volume::State_Init)
- return "Initializing";
- else if (state == Volume::State_NoMedia)
- return "No-Media";
- else if (state == Volume::State_Idle)
- return "Idle-Unmounted";
- else if (state == Volume::State_Pending)
- return "Pending";
- else if (state == Volume::State_Mounted)
- return "Mounted";
- else if (state == Volume::State_Unmounting)
- return "Unmounting";
- else if (state == Volume::State_Checking)
- return "Checking";
- else if (state == Volume::State_Formatting)
- return "Formatting";
- else if (state == Volume::State_Shared)
- return "Shared-Unmounted";
- else if (state == Volume::State_SharedMnt)
- return "Shared-Mounted";
- else
- return "Unknown-Error";
-}
-
-Volume::Volume(VolumeManager *vm, const fstab_rec* rec, int flags) {
- mVm = vm;
- mDebug = false;
- mLabel = strdup(rec->label);
- mUuid = NULL;
- mUserLabel = NULL;
- mState = Volume::State_Init;
- mFlags = flags;
- mCurrentlyMountedKdev = -1;
- mPartIdx = rec->partnum;
- mRetryMount = false;
-}
-
-Volume::~Volume() {
- free(mLabel);
- free(mUuid);
- free(mUserLabel);
-}
-
-void Volume::setDebug(bool enable) {
- mDebug = enable;
-}
-
-dev_t Volume::getDiskDevice() {
- return MKDEV(0, 0);
-};
-
-dev_t Volume::getShareDevice() {
- return getDiskDevice();
-}
-
-void Volume::handleVolumeShared() {
-}
-
-void Volume::handleVolumeUnshared() {
-}
-
-int Volume::handleBlockEvent(NetlinkEvent * /*evt*/) {
- errno = ENOSYS;
- return -1;
-}
-
-void Volume::setUuid(const char* uuid) {
- char msg[256];
-
- if (mUuid) {
- free(mUuid);
- }
-
- if (uuid) {
- mUuid = strdup(uuid);
- snprintf(msg, sizeof(msg), "%s %s \"%s\"", getLabel(),
- getFuseMountpoint(), mUuid);
- } else {
- mUuid = NULL;
- snprintf(msg, sizeof(msg), "%s %s", getLabel(), getFuseMountpoint());
- }
-
- mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeUuidChange, msg,
- false);
-}
-
-void Volume::setUserLabel(const char* userLabel) {
- char msg[256];
-
- if (mUserLabel) {
- free(mUserLabel);
- }
-
- if (userLabel) {
- mUserLabel = strdup(userLabel);
- snprintf(msg, sizeof(msg), "%s %s \"%s\"", getLabel(),
- getFuseMountpoint(), mUserLabel);
- } else {
- mUserLabel = NULL;
- snprintf(msg, sizeof(msg), "%s %s", getLabel(), getFuseMountpoint());
- }
-
- mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeUserLabelChange,
- msg, false);
-}
-
-void Volume::setState(int state) {
- char msg[255];
- int oldState = mState;
-
- if (oldState == state) {
- SLOGW("Duplicate state (%d)\n", state);
- return;
- }
-
- if ((oldState == Volume::State_Pending) && (state != Volume::State_Idle)) {
- mRetryMount = false;
- }
-
- mState = state;
-
- SLOGD("Volume %s state changing %d (%s) -> %d (%s)", mLabel,
- oldState, stateToStr(oldState), mState, stateToStr(mState));
- snprintf(msg, sizeof(msg),
- "Volume %s %s state changed from %d (%s) to %d (%s)", getLabel(),
- getFuseMountpoint(), oldState, stateToStr(oldState), mState,
- stateToStr(mState));
-
- mVm->getBroadcaster()->sendBroadcast(ResponseCode::VolumeStateChange,
- msg, false);
-}
-
-int Volume::createDeviceNode(const char *path, int major, int minor) {
- char *secontext = NULL;
- mode_t mode = 0660 | S_IFBLK;
- dev_t dev = (major << 8) | minor;
- int rc;
- if (sehandle) {
- rc = selabel_lookup(sehandle, &secontext, path, S_IFBLK);
- if (rc == 0)
- setfscreatecon(secontext);
- }
- if (mknod(path, mode, dev) < 0) {
- if (errno != EEXIST) {
- int sverrno = errno;
- if (secontext) {
- freecon(secontext);
- setfscreatecon(NULL);
- }
- errno = sverrno;
- return -1;
- }
- }
- if (secontext) {
- setfscreatecon(NULL);
- freecon(secontext);
- }
- return 0;
-}
-
-int Volume::formatVol(bool wipe) {
-
- if (getState() == Volume::State_NoMedia) {
- errno = ENODEV;
- return -1;
- } else if (getState() != Volume::State_Idle) {
- errno = EBUSY;
- return -1;
- }
-
- if (isMountpointMounted(getMountpoint())) {
- SLOGW("Volume is idle but appears to be mounted - fixing");
- setState(Volume::State_Mounted);
- // mCurrentlyMountedKdev = XXX
- errno = EBUSY;
- return -1;
- }
-
- bool formatEntireDevice = (mPartIdx == -1);
- char devicePath[255];
- dev_t diskNode = getDiskDevice();
- dev_t partNode =
- MKDEV(MAJOR(diskNode),
- MINOR(diskNode) + (formatEntireDevice ? 0 : mPartIdx));
-
- setState(Volume::State_Formatting);
-
- int ret = -1;
- // Only initialize the MBR if we are formatting the entire device
- if (formatEntireDevice) {
- sprintf(devicePath, "/dev/block/vold/%d:%d",
- major(diskNode), minor(diskNode));
-
- if (initializeMbr(devicePath)) {
- SLOGE("Failed to initialize MBR (%s)", strerror(errno));
- goto err;
- }
- }
-
- sprintf(devicePath, "/dev/block/vold/%d:%d",
- major(partNode), minor(partNode));
-
- if (mDebug) {
- SLOGI("Formatting volume %s (%s)", getLabel(), devicePath);
- }
-
- if (Fat::format(devicePath, 0, wipe)) {
- SLOGE("Failed to format (%s)", strerror(errno));
- goto err;
- }
-
- ret = 0;
-
-err:
- setState(Volume::State_Idle);
- return ret;
-}
-
-bool Volume::isMountpointMounted(const char *path) {
- FILE *fp = setmntent("/proc/mounts", "r");
- if (fp == NULL) {
- SLOGE("Error opening /proc/mounts (%s)", strerror(errno));
- return false;
- }
-
- bool found_path = false;
- mntent* mentry;
- while ((mentry = getmntent(fp)) != NULL) {
- if (strcmp(mentry->mnt_dir, path) == 0) {
- found_path = true;
- break;
- }
- }
- endmntent(fp);
- return found_path;
-}
-
-int Volume::mountVol() {
- dev_t deviceNodes[4];
- int n, i;
- char errmsg[255];
-
- int flags = getFlags();
- bool providesAsec = (flags & VOL_PROVIDES_ASEC) != 0;
-
- // TODO: handle "bind" style mounts, for emulated storage
-
- char decrypt_state[PROPERTY_VALUE_MAX];
- char crypto_state[PROPERTY_VALUE_MAX];
- char encrypt_progress[PROPERTY_VALUE_MAX];
-
- property_get("vold.decrypt", decrypt_state, "");
- property_get("vold.encrypt_progress", encrypt_progress, "");
-
- /* Don't try to mount the volumes if we have not yet entered the disk password
- * or are in the process of encrypting.
- */
- if ((getState() == Volume::State_NoMedia) ||
- ((!strcmp(decrypt_state, "1") || encrypt_progress[0]) && providesAsec)) {
- snprintf(errmsg, sizeof(errmsg),
- "Volume %s %s mount failed - no media",
- getLabel(), getFuseMountpoint());
- mVm->getBroadcaster()->sendBroadcast(
- ResponseCode::VolumeMountFailedNoMedia,
- errmsg, false);
- errno = ENODEV;
- return -1;
- } else if (getState() != Volume::State_Idle) {
- errno = EBUSY;
- if (getState() == Volume::State_Pending) {
- mRetryMount = true;
- }
- return -1;
- }
-
- if (isMountpointMounted(getMountpoint())) {
- SLOGW("Volume is idle but appears to be mounted - fixing");
- setState(Volume::State_Mounted);
- // mCurrentlyMountedKdev = XXX
- return 0;
- }
-
- n = getDeviceNodes((dev_t *) &deviceNodes, 4);
- if (!n) {
- SLOGE("Failed to get device nodes (%s)\n", strerror(errno));
- return -1;
- }
-
- /* If we're running encrypted, and the volume is marked as encryptable and nonremovable,
- * and also marked as providing Asec storage, then we need to decrypt
- * that partition, and update the volume object to point to it's new decrypted
- * block device
- */
- property_get("ro.crypto.state", crypto_state, "");
- if (providesAsec &&
- ((flags & (VOL_NONREMOVABLE | VOL_ENCRYPTABLE))==(VOL_NONREMOVABLE | VOL_ENCRYPTABLE)) &&
- !strcmp(crypto_state, "encrypted") && !isDecrypted()) {
- char new_sys_path[MAXPATHLEN];
- char nodepath[256];
- int new_major, new_minor;
-
- if (n != 1) {
- /* We only expect one device node returned when mounting encryptable volumes */
- SLOGE("Too many device nodes returned when mounting %s\n", getMountpoint());
- return -1;
- }
-
- if (cryptfs_setup_volume(getLabel(), MAJOR(deviceNodes[0]), MINOR(deviceNodes[0]),
- new_sys_path, sizeof(new_sys_path),
- &new_major, &new_minor)) {
- SLOGE("Cannot setup encryption mapping for %s\n", getMountpoint());
- return -1;
- }
- /* We now have the new sysfs path for the decrypted block device, and the
- * majore and minor numbers for it. So, create the device, update the
- * path to the new sysfs path, and continue.
- */
- snprintf(nodepath,
- sizeof(nodepath), "/dev/block/vold/%d:%d",
- new_major, new_minor);
- if (createDeviceNode(nodepath, new_major, new_minor)) {
- SLOGE("Error making device node '%s' (%s)", nodepath,
- strerror(errno));
- }
-
- // Todo: Either create sys filename from nodepath, or pass in bogus path so
- // vold ignores state changes on this internal device.
- updateDeviceInfo(nodepath, new_major, new_minor);
-
- /* Get the device nodes again, because they just changed */
- n = getDeviceNodes((dev_t *) &deviceNodes, 4);
- if (!n) {
- SLOGE("Failed to get device nodes (%s)\n", strerror(errno));
- return -1;
- }
- }
-
- for (i = 0; i < n; i++) {
- char devicePath[255];
-
- sprintf(devicePath, "/dev/block/vold/%d:%d", major(deviceNodes[i]),
- minor(deviceNodes[i]));
-
- SLOGI("%s being considered for volume %s\n", devicePath, getLabel());
-
- errno = 0;
- setState(Volume::State_Checking);
-
- if (Fat::check(devicePath)) {
- if (errno == ENODATA) {
- SLOGW("%s does not contain a FAT filesystem\n", devicePath);
- continue;
- }
- errno = EIO;
- /* Badness - abort the mount */
- SLOGE("%s failed FS checks (%s)", devicePath, strerror(errno));
- setState(Volume::State_Idle);
- return -1;
- }
-
- errno = 0;
-
- if (Fat::doMount(devicePath, getMountpoint(), false, false, false,
- AID_MEDIA_RW, AID_MEDIA_RW, 0007, true)) {
- SLOGE("%s failed to mount via VFAT (%s)\n", devicePath, strerror(errno));
- continue;
- }
-
- extractMetadata(devicePath);
-
- if (providesAsec && mountAsecExternal() != 0) {
- SLOGE("Failed to mount secure area (%s)", strerror(errno));
- umount(getMountpoint());
- setState(Volume::State_Idle);
- return -1;
- }
-
- char service[64];
- snprintf(service, 64, "fuse_%s", getLabel());
- property_set("ctl.start", service);
-
- setState(Volume::State_Mounted);
- mCurrentlyMountedKdev = deviceNodes[i];
- return 0;
- }
-
- SLOGE("Volume %s found no suitable devices for mounting :(\n", getLabel());
- setState(Volume::State_Idle);
-
- return -1;
-}
-
-int Volume::mountAsecExternal() {
- char legacy_path[PATH_MAX];
- char secure_path[PATH_MAX];
-
- snprintf(legacy_path, PATH_MAX, "%s/android_secure", getMountpoint());
- snprintf(secure_path, PATH_MAX, "%s/.android_secure", getMountpoint());
-
- // Recover legacy secure path
- if (!access(legacy_path, R_OK | X_OK) && access(secure_path, R_OK | X_OK)) {
- if (rename(legacy_path, secure_path)) {
- SLOGE("Failed to rename legacy asec dir (%s)", strerror(errno));
- }
- }
-
- if (fs_prepare_dir(secure_path, 0770, AID_MEDIA_RW, AID_MEDIA_RW) != 0) {
- SLOGW("fs_prepare_dir failed: %s", strerror(errno));
- return -1;
- }
-
- if (mount(secure_path, SEC_ASECDIR_EXT, "", MS_BIND, NULL)) {
- SLOGE("Failed to bind mount points %s -> %s (%s)", secure_path,
- SEC_ASECDIR_EXT, strerror(errno));
- return -1;
- }
-
- return 0;
-}
-
-int Volume::doUnmount(const char *path, bool force) {
- int retries = 10;
-
- if (mDebug) {
- SLOGD("Unmounting {%s}, force = %d", path, force);
- }
-
- while (retries--) {
- if (!umount(path) || errno == EINVAL || errno == ENOENT) {
- SLOGI("%s sucessfully unmounted", path);
- return 0;
- }
-
- int action = 0;
-
- if (force) {
- if (retries == 1) {
- action = 2; // SIGKILL
- } else if (retries == 2) {
- action = 1; // SIGHUP
- }
- }
-
- SLOGW("Failed to unmount %s (%s, retries %d, action %d)",
- path, strerror(errno), retries, action);
-
- Process::killProcessesWithOpenFiles(path, action);
- usleep(1000*1000);
- }
- errno = EBUSY;
- SLOGE("Giving up on unmount %s (%s)", path, strerror(errno));
- return -1;
-}
-
-int Volume::unmountVol(bool force, bool revert) {
- int flags = getFlags();
- bool providesAsec = (flags & VOL_PROVIDES_ASEC) != 0;
-
- if (getState() != Volume::State_Mounted) {
- SLOGE("Volume %s unmount request when not mounted", getLabel());
- errno = EINVAL;
- return UNMOUNT_NOT_MOUNTED_ERR;
- }
-
- setState(Volume::State_Unmounting);
- usleep(1000 * 1000); // Give the framework some time to react
-
- char service[64];
- snprintf(service, 64, "fuse_%s", getLabel());
- property_set("ctl.stop", service);
- /* Give it a chance to stop. I wish we had a synchronous way to determine this... */
- sleep(1);
-
- // TODO: determine failure mode if FUSE times out
-
- if (providesAsec && doUnmount(Volume::SEC_ASECDIR_EXT, force) != 0) {
- SLOGE("Failed to unmount secure area on %s (%s)", getMountpoint(), strerror(errno));
- goto out_mounted;
- }
-
- /* Now that the fuse daemon is dead, unmount it */
- if (doUnmount(getFuseMountpoint(), force) != 0) {
- SLOGE("Failed to unmount %s (%s)", getFuseMountpoint(), strerror(errno));
- goto fail_remount_secure;
- }
-
- /* Unmount the real sd card */
- if (doUnmount(getMountpoint(), force) != 0) {
- SLOGE("Failed to unmount %s (%s)", getMountpoint(), strerror(errno));
- goto fail_remount_secure;
- }
-
- SLOGI("%s unmounted successfully", getMountpoint());
-
- /* If this is an encrypted volume, and we've been asked to undo
- * the crypto mapping, then revert the dm-crypt mapping, and revert
- * the device info to the original values.
- */
- if (revert && isDecrypted()) {
- cryptfs_revert_volume(getLabel());
- revertDeviceInfo();
- SLOGI("Encrypted volume %s reverted successfully", getMountpoint());
- }
-
- setUuid(NULL);
- setUserLabel(NULL);
- setState(Volume::State_Idle);
- mCurrentlyMountedKdev = -1;
- return 0;
-
-fail_remount_secure:
- if (providesAsec && mountAsecExternal() != 0) {
- SLOGE("Failed to remount secure area (%s)", strerror(errno));
- goto out_nomedia;
- }
-
-out_mounted:
- setState(Volume::State_Mounted);
- return -1;
-
-out_nomedia:
- setState(Volume::State_NoMedia);
- return -1;
-}
-
-int Volume::initializeMbr(const char *deviceNode) {
- struct disk_info dinfo;
-
- memset(&dinfo, 0, sizeof(dinfo));
-
- if (!(dinfo.part_lst = (struct part_info *) malloc(MAX_NUM_PARTS * sizeof(struct part_info)))) {
- SLOGE("Failed to malloc prt_lst");
- return -1;
- }
-
- memset(dinfo.part_lst, 0, MAX_NUM_PARTS * sizeof(struct part_info));
- dinfo.device = strdup(deviceNode);
- dinfo.scheme = PART_SCHEME_MBR;
- dinfo.sect_size = 512;
- dinfo.skip_lba = 2048;
- dinfo.num_lba = 0;
- dinfo.num_parts = 1;
-
- struct part_info *pinfo = &dinfo.part_lst[0];
-
- pinfo->name = strdup("android_sdcard");
- pinfo->flags |= PART_ACTIVE_FLAG;
- pinfo->type = PC_PART_TYPE_FAT32;
- pinfo->len_kb = -1;
-
- int rc = apply_disk_config(&dinfo, 0);
-
- if (rc) {
- SLOGE("Failed to apply disk configuration (%d)", rc);
- goto out;
- }
-
- out:
- free(pinfo->name);
- free(dinfo.device);
- free(dinfo.part_lst);
-
- return rc;
-}
-
-/*
- * Use blkid to extract UUID and label from device, since it handles many
- * obscure edge cases around partition types and formats. Always broadcasts
- * updated metadata values.
- */
-int Volume::extractMetadata(const char* devicePath) {
- int res = 0;
-
- std::string cmd;
- cmd = BLKID_PATH;
- cmd += " -c /dev/null ";
- cmd += devicePath;
-
- FILE* fp = popen(cmd.c_str(), "r");
- if (!fp) {
- ALOGE("Failed to run %s: %s", cmd.c_str(), strerror(errno));
- res = -1;
- goto done;
- }
-
- char line[1024];
- char value[128];
- if (fgets(line, sizeof(line), fp) != NULL) {
- ALOGD("blkid identified as %s", line);
-
- char* start = strstr(line, "UUID=");
- if (start != NULL && sscanf(start + 5, "\"%127[^\"]\"", value) == 1) {
- setUuid(value);
- } else {
- setUuid(NULL);
- }
-
- start = strstr(line, "LABEL=");
- if (start != NULL && sscanf(start + 6, "\"%127[^\"]\"", value) == 1) {
- setUserLabel(value);
- } else {
- setUserLabel(NULL);
- }
- } else {
- ALOGW("blkid failed to identify %s", devicePath);
- res = -1;
- }
-
- pclose(fp);
-
-done:
- if (res == -1) {
- setUuid(NULL);
- setUserLabel(NULL);
- }
- return res;
-}
diff --git a/Volume.h b/Volume.h
deleted file mode 100644
index 1444ed3..0000000
--- a/Volume.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Copyright (C) 2008 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _VOLUME_H
-#define _VOLUME_H
-
-#include <utils/List.h>
-#include <fs_mgr.h>
-
-class NetlinkEvent;
-class VolumeManager;
-
-class Volume {
-private:
- int mState;
- int mFlags;
-
-public:
- static const int State_Init = -1;
- static const int State_NoMedia = 0;
- static const int State_Idle = 1;
- static const int State_Pending = 2;
- static const int State_Checking = 3;
- static const int State_Mounted = 4;
- static const int State_Unmounting = 5;
- static const int State_Formatting = 6;
- static const int State_Shared = 7;
- static const int State_SharedMnt = 8;
-
- static const char *MEDIA_DIR;
- static const char *FUSE_DIR;
- static const char *SEC_ASECDIR_EXT;
- static const char *SEC_ASECDIR_INT;
- static const char *ASECDIR;
- static const char *LOOPDIR;
- static const char *BLKID_PATH;
-
-protected:
- char* mLabel;
- char* mUuid;
- char* mUserLabel;
- VolumeManager *mVm;
- bool mDebug;
- int mPartIdx;
- int mOrigPartIdx;
- bool mRetryMount;
-
- /*
- * The major/minor tuple of the currently mounted filesystem.
- */
- dev_t mCurrentlyMountedKdev;
-
-public:
- Volume(VolumeManager *vm, const fstab_rec* rec, int flags);
- virtual ~Volume();
-
- int mountVol();
- int unmountVol(bool force, bool revert);
- int formatVol(bool wipe);
-
- const char* getLabel() { return mLabel; }
- const char* getUuid() { return mUuid; }
- const char* getUserLabel() { return mUserLabel; }
- int getState() { return mState; }
- int getFlags() { return mFlags; };
-
- /* Mountpoint of the raw volume */
- virtual const char *getMountpoint() = 0;
- virtual const char *getFuseMountpoint() = 0;
-
- virtual int handleBlockEvent(NetlinkEvent *evt);
- virtual dev_t getDiskDevice();
- virtual dev_t getShareDevice();
- virtual void handleVolumeShared();
- virtual void handleVolumeUnshared();
-
- void setDebug(bool enable);
- virtual int getVolInfo(struct volume_info *v) = 0;
-
-protected:
- void setUuid(const char* uuid);
- void setUserLabel(const char* userLabel);
- void setState(int state);
-
- virtual int getDeviceNodes(dev_t *devs, int max) = 0;
- virtual int updateDeviceInfo(char *new_path, int new_major, int new_minor) = 0;
- virtual void revertDeviceInfo(void) = 0;
- virtual int isDecrypted(void) = 0;
-
- int createDeviceNode(const char *path, int major, int minor);
-
-private:
- int initializeMbr(const char *deviceNode);
- bool isMountpointMounted(const char *path);
- int mountAsecExternal();
- int doUnmount(const char *path, bool force);
- int extractMetadata(const char* devicePath);
-};
-
-typedef android::List<Volume *> VolumeCollection;
-
-#endif
diff --git a/VolumeBase.cpp b/VolumeBase.cpp
new file mode 100644
index 0000000..ca056a4
--- /dev/null
+++ b/VolumeBase.cpp
@@ -0,0 +1,246 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "Utils.h"
+#include "VolumeBase.h"
+#include "VolumeManager.h"
+#include "ResponseCode.h"
+
+#include <base/stringprintf.h>
+#include <base/logging.h>
+
+#include <fcntl.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+using android::base::StringPrintf;
+
+#define DEBUG 1
+
+namespace android {
+namespace vold {
+
+VolumeBase::VolumeBase(Type type) :
+ mType(type), mMountFlags(0), mMountUserId(-1), mCreated(false), mState(
+ State::kUnmounted), mSilent(false) {
+}
+
+VolumeBase::~VolumeBase() {
+ CHECK(!mCreated);
+}
+
+void VolumeBase::setState(State state) {
+ mState = state;
+ notifyEvent(ResponseCode::VolumeStateChanged, StringPrintf("%d", mState));
+}
+
+status_t VolumeBase::setDiskId(const std::string& diskId) {
+ if (mCreated) {
+ LOG(WARNING) << getId() << " diskId change requires destroyed";
+ return -EBUSY;
+ }
+
+ mDiskId = diskId;
+ return OK;
+}
+
+status_t VolumeBase::setMountFlags(int mountFlags) {
+ if ((mState != State::kUnmounted) && (mState != State::kUnmountable)) {
+ LOG(WARNING) << getId() << " flags change requires state unmounted or unmountable";
+ return -EBUSY;
+ }
+
+ mMountFlags = mountFlags;
+ return OK;
+}
+
+status_t VolumeBase::setMountUserId(userid_t mountUserId) {
+ if ((mState != State::kUnmounted) && (mState != State::kUnmountable)) {
+ LOG(WARNING) << getId() << " user change requires state unmounted or unmountable";
+ return -EBUSY;
+ }
+
+ mMountUserId = mountUserId;
+ return OK;
+}
+
+status_t VolumeBase::setSilent(bool silent) {
+ if (mCreated) {
+ LOG(WARNING) << getId() << " silence change requires destroyed";
+ return -EBUSY;
+ }
+
+ mSilent = silent;
+ return OK;
+}
+
+status_t VolumeBase::setId(const std::string& id) {
+ if (mCreated) {
+ LOG(WARNING) << getId() << " id change requires not created";
+ return -EBUSY;
+ }
+
+ mId = id;
+ return OK;
+}
+
+status_t VolumeBase::setPath(const std::string& path) {
+ if (mState != State::kChecking) {
+ LOG(WARNING) << getId() << " path change requires state checking";
+ return -EBUSY;
+ }
+
+ mPath = path;
+ notifyEvent(ResponseCode::VolumePathChanged, mPath);
+ return OK;
+}
+
+status_t VolumeBase::setInternalPath(const std::string& internalPath) {
+ if (mState != State::kChecking) {
+ LOG(WARNING) << getId() << " internal path change requires state checking";
+ return -EBUSY;
+ }
+
+ mInternalPath = internalPath;
+ notifyEvent(ResponseCode::VolumeInternalPathChanged, mInternalPath);
+ return OK;
+}
+
+void VolumeBase::notifyEvent(int event) {
+ if (mSilent) return;
+ VolumeManager::Instance()->getBroadcaster()->sendBroadcast(event,
+ getId().c_str(), false);
+}
+
+void VolumeBase::notifyEvent(int event, const std::string& value) {
+ if (mSilent) return;
+ VolumeManager::Instance()->getBroadcaster()->sendBroadcast(event,
+ StringPrintf("%s %s", getId().c_str(), value.c_str()).c_str(), false);
+}
+
+void VolumeBase::addVolume(const std::shared_ptr<VolumeBase>& volume) {
+ mVolumes.push_back(volume);
+}
+
+void VolumeBase::removeVolume(const std::shared_ptr<VolumeBase>& volume) {
+ mVolumes.remove(volume);
+}
+
+std::shared_ptr<VolumeBase> VolumeBase::findVolume(const std::string& id) {
+ for (auto vol : mVolumes) {
+ if (vol->getId() == id) {
+ return vol;
+ }
+ }
+ return nullptr;
+}
+
+status_t VolumeBase::create() {
+ CHECK(!mCreated);
+
+ mCreated = true;
+ status_t res = doCreate();
+ notifyEvent(ResponseCode::VolumeCreated, StringPrintf("%d %s", mType, mDiskId.c_str()));
+ setState(State::kUnmounted);
+ return res;
+}
+
+status_t VolumeBase::doCreate() {
+ return OK;
+}
+
+status_t VolumeBase::destroy() {
+ CHECK(mCreated);
+
+ if (mState == State::kMounted) {
+ unmount();
+ setState(State::kBadRemoval);
+ } else {
+ setState(State::kRemoved);
+ }
+
+ notifyEvent(ResponseCode::VolumeDestroyed);
+ status_t res = doDestroy();
+ mCreated = false;
+ return res;
+}
+
+status_t VolumeBase::doDestroy() {
+ return OK;
+}
+
+status_t VolumeBase::mount() {
+ if ((mState != State::kUnmounted) && (mState != State::kUnmountable)) {
+ LOG(WARNING) << getId() << " mount requires state unmounted or unmountable";
+ return -EBUSY;
+ }
+
+ setState(State::kChecking);
+ status_t res = doMount();
+ if (res == OK) {
+ setState(State::kMounted);
+ } else {
+ setState(State::kUnmountable);
+ }
+
+ return res;
+}
+
+status_t VolumeBase::unmount() {
+ if (mState != State::kMounted) {
+ LOG(WARNING) << getId() << " unmount requires state mounted";
+ return -EBUSY;
+ }
+
+ setState(State::kEjecting);
+
+ for (auto vol : mVolumes) {
+ if (vol->destroy()) {
+ LOG(WARNING) << getId() << " failed to destroy " << vol->getId()
+ << " stacked above";
+ }
+ }
+ mVolumes.clear();
+
+ status_t res = doUnmount();
+ setState(State::kUnmounted);
+ return res;
+}
+
+status_t VolumeBase::format() {
+ if (mState == State::kMounted) {
+ unmount();
+ }
+
+ if ((mState != State::kUnmounted) && (mState != State::kUnmountable)) {
+ LOG(WARNING) << getId() << " format requires state unmounted or unmountable";
+ return -EBUSY;
+ }
+
+ setState(State::kFormatting);
+ status_t res = doFormat();
+ setState(State::kUnmounted);
+ return res;
+}
+
+status_t VolumeBase::doFormat() {
+ return -ENOTSUP;
+}
+
+} // namespace vold
+} // namespace android
diff --git a/VolumeBase.h b/VolumeBase.h
new file mode 100644
index 0000000..a9975f8
--- /dev/null
+++ b/VolumeBase.h
@@ -0,0 +1,151 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_VOLD_VOLUME_BASE_H
+#define ANDROID_VOLD_VOLUME_BASE_H
+
+#include "Utils.h"
+
+#include <cutils/multiuser.h>
+#include <utils/Errors.h>
+
+#include <sys/types.h>
+#include <list>
+#include <string>
+
+namespace android {
+namespace vold {
+
+/*
+ * Representation of a mounted volume ready for presentation.
+ *
+ * Various subclasses handle the different mounting prerequisites, such as
+ * encryption details, etc. Volumes can also be "stacked" above other
+ * volumes to help communicate dependencies. For example, an ASEC volume
+ * can be stacked on a vfat volume.
+ *
+ * Mounted volumes can be asked to manage bind mounts to present themselves
+ * to specific users on the device.
+ *
+ * When an unmount is requested, the volume recursively unmounts any stacked
+ * volumes and removes any bind mounts before finally unmounting itself.
+ */
+class VolumeBase {
+public:
+ virtual ~VolumeBase();
+
+ enum class Type {
+ kPublic = 0,
+ kPrivate,
+ kEmulated,
+ kAsec,
+ kObb,
+ };
+
+ enum MountFlags {
+ /* Flag that volume is primary external storage */
+ kPrimary = 1 << 0,
+ /* Flag that volume is visible to normal apps */
+ kVisible = 1 << 1,
+ };
+
+ enum class State {
+ kUnmounted = 0,
+ kChecking,
+ kMounted,
+ kMountedReadOnly,
+ kFormatting,
+ kEjecting,
+ kUnmountable,
+ kRemoved,
+ kBadRemoval,
+ };
+
+ const std::string& getId() { return mId; }
+ const std::string& getDiskId() { return mDiskId; }
+ Type getType() { return mType; }
+ int getMountFlags() { return mMountFlags; }
+ userid_t getMountUserId() { return mMountUserId; }
+ State getState() { return mState; }
+ const std::string& getPath() { return mPath; }
+ const std::string& getInternalPath() { return mInternalPath; }
+
+ status_t setDiskId(const std::string& diskId);
+ status_t setMountFlags(int mountFlags);
+ status_t setMountUserId(userid_t mountUserId);
+ status_t setSilent(bool silent);
+
+ void addVolume(const std::shared_ptr<VolumeBase>& volume);
+ void removeVolume(const std::shared_ptr<VolumeBase>& volume);
+
+ std::shared_ptr<VolumeBase> findVolume(const std::string& id);
+
+ status_t create();
+ status_t destroy();
+ status_t mount();
+ status_t unmount();
+ status_t format();
+
+protected:
+ explicit VolumeBase(Type type);
+
+ virtual status_t doCreate();
+ virtual status_t doDestroy();
+ virtual status_t doMount() = 0;
+ virtual status_t doUnmount() = 0;
+ virtual status_t doFormat();
+
+ status_t setId(const std::string& id);
+ status_t setPath(const std::string& path);
+ status_t setInternalPath(const std::string& internalPath);
+
+ void notifyEvent(int msg);
+ void notifyEvent(int msg, const std::string& value);
+
+private:
+ /* ID that uniquely references volume while alive */
+ std::string mId;
+ /* ID that uniquely references parent disk while alive */
+ std::string mDiskId;
+ /* Volume type */
+ Type mType;
+ /* Flags used when mounting this volume */
+ int mMountFlags;
+ /* User that owns this volume, otherwise -1 */
+ userid_t mMountUserId;
+ /* Flag indicating object is created */
+ bool mCreated;
+ /* Current state of volume */
+ State mState;
+ /* Path to mounted volume */
+ std::string mPath;
+ /* Path to internal backing storage */
+ std::string mInternalPath;
+ /* Flag indicating that volume should emit no events */
+ bool mSilent;
+
+ /* Volumes stacked on top of this volume */
+ std::list<std::shared_ptr<VolumeBase>> mVolumes;
+
+ void setState(State state);
+
+ DISALLOW_COPY_AND_ASSIGN(VolumeBase);
+};
+
+} // namespace vold
+} // namespace android
+
+#endif
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index da4deb6..8f73e63 100755
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -34,6 +34,8 @@
#include <openssl/md5.h>
+#include <base/logging.h>
+#include <base/stringprintf.h>
#include <cutils/fs.h>
#include <cutils/log.h>
@@ -43,12 +45,14 @@
#include <private/android_filesystem_config.h>
+#include "EmulatedVolume.h"
#include "VolumeManager.h"
-#include "DirectVolume.h"
+#include "NetlinkManager.h"
#include "ResponseCode.h"
#include "Loop.h"
#include "Ext4.h"
#include "Fat.h"
+#include "Utils.h"
#include "Devmapper.h"
#include "Process.h"
#include "Asec.h"
@@ -60,9 +64,35 @@
#define ROUND_UP_POWER_OF_2(number, po2) (((!!(number & ((1U << po2) - 1))) << po2)\
+ (number & (~((1U << po2) - 1))))
+using android::base::StringPrintf;
+
+/*
+ * Path to external storage where *only* root can access ASEC image files
+ */
+const char *VolumeManager::SEC_ASECDIR_EXT = "/mnt/secure/asec";
+
+/*
+ * Path to internal storage where *only* root can access ASEC image files
+ */
+const char *VolumeManager::SEC_ASECDIR_INT = "/data/app-asec";
+
+/*
+ * Path to where secure containers are mounted
+ */
+const char *VolumeManager::ASECDIR = "/mnt/asec";
+
+/*
+ * Path to where OBBs are mounted
+ */
+const char *VolumeManager::LOOPDIR = "/mnt/obb";
+
+static const char* kUserMountPath = "/mnt/user";
+
+static const unsigned int kMajorBlockMmc = 179;
+
/* writes superblock at end of file or device given by name */
static int writeSuperBlock(const char* name, struct asec_superblock *sb, unsigned int numImgSectors) {
- int sbfd = open(name, O_RDWR);
+ int sbfd = open(name, O_RDWR | O_CLOEXEC);
if (sbfd < 0) {
SLOGE("Failed to open %s for superblock write (%s)", name, strerror(errno));
return -1;
@@ -171,18 +201,15 @@
VolumeManager::VolumeManager() {
mDebug = false;
- mVolumes = new VolumeCollection();
mActiveContainers = new AsecIdCollection();
mBroadcaster = NULL;
mUmsSharingCount = 0;
mSavedDirtyRatio = -1;
// set dirty ratio to 0 when UMS is active
mUmsDirtyRatio = 0;
- mVolManagerDisabled = 0;
}
VolumeManager::~VolumeManager() {
- delete mVolumes;
delete mActiveContainers;
}
@@ -218,96 +245,235 @@
return buffer;
}
-void VolumeManager::setDebug(bool enable) {
+int VolumeManager::setDebug(bool enable) {
mDebug = enable;
- VolumeCollection::iterator it;
- for (it = mVolumes->begin(); it != mVolumes->end(); ++it) {
- (*it)->setDebug(enable);
- }
+ return 0;
}
int VolumeManager::start() {
+ // Always start from a clean slate by unmounting everything in
+ // directories that we own, in case we crashed.
+ unmountAll();
+
+ // Assume that we always have an emulated volume on internal
+ // storage; the framework will decide if it should be mounted.
+ CHECK(mInternalEmulated == nullptr);
+ mInternalEmulated = std::shared_ptr<android::vold::VolumeBase>(
+ new android::vold::EmulatedVolume("/data/media"));
+ mInternalEmulated->create();
+
return 0;
}
int VolumeManager::stop() {
- return 0;
-}
-
-int VolumeManager::addVolume(Volume *v) {
- mVolumes->push_back(v);
+ CHECK(mInternalEmulated != nullptr);
+ mInternalEmulated->destroy();
+ mInternalEmulated = nullptr;
return 0;
}
void VolumeManager::handleBlockEvent(NetlinkEvent *evt) {
-#ifdef NETLINK_DEBUG
- const char *devpath = evt->findParam("DEVPATH");
-#endif
+ std::lock_guard<std::mutex> lock(mLock);
- /* Lookup a volume to handle this device */
- VolumeCollection::iterator it;
- bool hit = false;
- for (it = mVolumes->begin(); it != mVolumes->end(); ++it) {
- if (!(*it)->handleBlockEvent(evt)) {
-#ifdef NETLINK_DEBUG
- SLOGD("Device '%s' event handled by volume %s\n", devpath, (*it)->getLabel());
-#endif
- hit = true;
- break;
- }
+ if (mDebug) {
+ LOG(VERBOSE) << "----------------";
+ LOG(VERBOSE) << "handleBlockEvent with action " << (int) evt->getAction();
+ evt->dump();
}
- if (!hit) {
-#ifdef NETLINK_DEBUG
- SLOGW("No volumes handled block event for '%s'", devpath);
-#endif
+ std::string eventPath(evt->findParam("DEVPATH"));
+ std::string devType(evt->findParam("DEVTYPE"));
+
+ if (devType != "disk") return;
+
+ int major = atoi(evt->findParam("MAJOR"));
+ int minor = atoi(evt->findParam("MINOR"));
+ dev_t device = makedev(major, minor);
+
+ switch (evt->getAction()) {
+ case NetlinkEvent::Action::kAdd: {
+ for (auto source : mDiskSources) {
+ if (source->matches(eventPath)) {
+ // For now, assume that MMC devices are SD, and that
+ // everything else is USB
+ int flags = source->getFlags();
+ if (major == kMajorBlockMmc) {
+ flags |= android::vold::Disk::Flags::kSd;
+ } else {
+ flags |= android::vold::Disk::Flags::kUsb;
+ }
+
+ auto disk = new android::vold::Disk(eventPath, device,
+ source->getNickname(), flags);
+ disk->create();
+ mDisks.push_back(std::shared_ptr<android::vold::Disk>(disk));
+ break;
+ }
+ }
+ break;
+ }
+ case NetlinkEvent::Action::kChange: {
+ LOG(DEBUG) << "Disk at " << major << ":" << minor << " changed";
+ for (auto disk : mDisks) {
+ if (disk->getDevice() == device) {
+ disk->readMetadata();
+ disk->readPartitions();
+ }
+ }
+ break;
+ }
+ case NetlinkEvent::Action::kRemove: {
+ auto i = mDisks.begin();
+ while (i != mDisks.end()) {
+ if ((*i)->getDevice() == device) {
+ (*i)->destroy();
+ i = mDisks.erase(i);
+ } else {
+ ++i;
+ }
+ }
+ break;
+ }
+ default: {
+ LOG(WARNING) << "Unexpected block event action " << (int) evt->getAction();
+ break;
+ }
}
}
-int VolumeManager::listVolumes(SocketClient *cli, bool broadcast) {
- VolumeCollection::iterator i;
- char msg[256];
+void VolumeManager::addDiskSource(const std::shared_ptr<DiskSource>& diskSource) {
+ mDiskSources.push_back(diskSource);
+}
- for (i = mVolumes->begin(); i != mVolumes->end(); ++i) {
- char *buffer;
- asprintf(&buffer, "%s %s %d",
- (*i)->getLabel(), (*i)->getFuseMountpoint(),
- (*i)->getState());
- cli->sendMsg(ResponseCode::VolumeListResult, buffer, false);
- free(buffer);
- if (broadcast) {
- if((*i)->getUuid()) {
- snprintf(msg, sizeof(msg), "%s %s \"%s\"", (*i)->getLabel(),
- (*i)->getFuseMountpoint(), (*i)->getUuid());
- mBroadcaster->sendBroadcast(ResponseCode::VolumeUuidChange,
- msg, false);
- }
- if((*i)->getUserLabel()) {
- snprintf(msg, sizeof(msg), "%s %s \"%s\"", (*i)->getLabel(),
- (*i)->getFuseMountpoint(), (*i)->getUserLabel());
- mBroadcaster->sendBroadcast(ResponseCode::VolumeUserLabelChange,
- msg, false);
- }
+std::shared_ptr<android::vold::Disk> VolumeManager::findDisk(const std::string& id) {
+ for (auto disk : mDisks) {
+ if (disk->getId() == id) {
+ return disk;
}
}
- cli->sendMsg(ResponseCode::CommandOkay, "Volumes listed.", false);
+ return nullptr;
+}
+
+std::shared_ptr<android::vold::VolumeBase> VolumeManager::findVolume(const std::string& id) {
+ if (mInternalEmulated->getId() == id) {
+ return mInternalEmulated;
+ }
+ for (auto disk : mDisks) {
+ auto vol = disk->findVolume(id);
+ if (vol != nullptr) {
+ return vol;
+ }
+ }
+ return nullptr;
+}
+
+int VolumeManager::linkPrimary(userid_t userId) {
+ std::string source(mPrimary->getPath());
+ if (mPrimary->getType() == android::vold::VolumeBase::Type::kEmulated) {
+ source = StringPrintf("%s/%d", source.c_str(), userId);
+ }
+
+ std::string target(StringPrintf("/mnt/user/%d/primary", userId));
+ if (TEMP_FAILURE_RETRY(unlink(target.c_str()))) {
+ if (errno != ENOENT) {
+ SLOGW("Failed to unlink %s: %s", target.c_str(), strerror(errno));
+ }
+ }
+ LOG(DEBUG) << "Linking " << source << " to " << target;
+ if (TEMP_FAILURE_RETRY(symlink(source.c_str(), target.c_str()))) {
+ SLOGW("Failed to link %s to %s: %s", source.c_str(), target.c_str(),
+ strerror(errno));
+ return -errno;
+ }
return 0;
}
-int VolumeManager::formatVolume(const char *label, bool wipe) {
- Volume *v = lookupVolume(label);
+int VolumeManager::startUser(userid_t userId) {
+ // Note that sometimes the system will spin up processes from Zygote
+ // before actually starting the user, so we're okay if Zygote
+ // already created this directory.
+ std::string path(StringPrintf("%s/%d", kUserMountPath, userId));
+ fs_prepare_dir(path.c_str(), 0755, AID_ROOT, AID_ROOT);
- if (!v) {
- errno = ENOENT;
- return -1;
+ mUsers.push_back(userId);
+ if (mPrimary) {
+ linkPrimary(userId);
+ }
+ return 0;
+}
+
+int VolumeManager::cleanupUser(userid_t userId) {
+ mUsers.remove(userId);
+ return 0;
+}
+
+int VolumeManager::setPrimary(const std::shared_ptr<android::vold::VolumeBase>& vol) {
+ mPrimary = vol;
+ for (userid_t userId : mUsers) {
+ linkPrimary(userId);
+ }
+ return 0;
+}
+
+int VolumeManager::reset() {
+ // Tear down all existing disks/volumes and start from a blank slate so
+ // newly connected framework hears all events.
+ mInternalEmulated->destroy();
+ mInternalEmulated->create();
+ for (auto disk : mDisks) {
+ disk->destroy();
+ disk->create();
+ }
+ mUsers.clear();
+ return 0;
+}
+
+int VolumeManager::shutdown() {
+ mInternalEmulated->destroy();
+ for (auto disk : mDisks) {
+ disk->destroy();
+ }
+ mDisks.clear();
+ return 0;
+}
+
+int VolumeManager::unmountAll() {
+ std::lock_guard<std::mutex> lock(mLock);
+
+ // First, try gracefully unmounting all known devices
+ if (mInternalEmulated != nullptr) {
+ mInternalEmulated->unmount();
+ }
+ for (auto disk : mDisks) {
+ disk->unmountAll();
}
- if (mVolManagerDisabled) {
- errno = EBUSY;
- return -1;
+ // Worst case we might have some stale mounts lurking around, so
+ // force unmount those just to be safe.
+ FILE* fp = setmntent("/proc/mounts", "r");
+ if (fp == NULL) {
+ SLOGE("Error opening /proc/mounts: %s", strerror(errno));
+ return -errno;
}
- return v->formatVol(wipe);
+ // Some volumes can be stacked on each other, so force unmount in
+ // reverse order to give us the best chance of success.
+ std::list<std::string> toUnmount;
+ mntent* mentry;
+ while ((mentry = getmntent(fp)) != NULL) {
+ if (strncmp(mentry->mnt_dir, "/mnt/", 5) == 0
+ || strncmp(mentry->mnt_dir, "/storage/", 9) == 0) {
+ toUnmount.push_front(std::string(mentry->mnt_dir));
+ }
+ }
+ endmntent(fp);
+
+ for (auto path : toUnmount) {
+ SLOGW("Tearing down stale mount %s", path.c_str());
+ android::vold::ForceUnmount(path);
+ }
+
+ return 0;
}
int VolumeManager::getObbMountPath(const char *sourceFile, char *mountPath, int mountPathLen) {
@@ -318,7 +484,7 @@
}
memset(mountPath, 0, mountPathLen);
- int written = snprintf(mountPath, mountPathLen, "%s/%s", Volume::LOOPDIR, idHash);
+ int written = snprintf(mountPath, mountPathLen, "%s/%s", VolumeManager::LOOPDIR, idHash);
if ((written < 0) || (written >= mountPathLen)) {
errno = EINVAL;
return -1;
@@ -352,7 +518,7 @@
return -1;
}
- int written = snprintf(buffer, maxlen, "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(buffer, maxlen, "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (written >= maxlen)) {
SLOGE("getAsecMountPath failed for %s: couldn't construct path in buffer", id);
errno = EINVAL;
@@ -424,12 +590,6 @@
return -1;
}
- if (lookupVolume(id)) {
- SLOGE("ASEC id '%s' currently exists", id);
- errno = EADDRINUSE;
- return -1;
- }
-
char asecFileName[255];
if (!findAsec(id, asecFileName, sizeof(asecFileName))) {
@@ -439,7 +599,7 @@
return -1;
}
- const char *asecDir = isExternal ? Volume::SEC_ASECDIR_EXT : Volume::SEC_ASECDIR_INT;
+ const char *asecDir = isExternal ? VolumeManager::SEC_ASECDIR_EXT : VolumeManager::SEC_ASECDIR_INT;
int written = snprintf(asecFileName, sizeof(asecFileName), "%s/%s.asec", asecDir, id);
if ((written < 0) || (size_t(written) >= sizeof(asecFileName))) {
@@ -515,7 +675,7 @@
int formatStatus;
char mountPoint[255];
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("ASEC fs format failed: couldn't construct mountPoint");
if (cleanupDm) {
@@ -573,7 +733,7 @@
}
if (usingExt4) {
- int dirfd = open(mountPoint, O_DIRECTORY);
+ int dirfd = open(mountPoint, O_DIRECTORY | O_CLOEXEC);
if (dirfd >= 0) {
if (fchown(dirfd, ownerUid, AID_SYSTEM)
|| fchmod(dirfd, S_IRUSR | S_IWUSR | S_IXUSR | S_ISGID | S_IRGRP | S_IXGRP)) {
@@ -606,7 +766,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("ASEC resize failed for %s: couldn't construct mountpoint", id);
return -1;
@@ -622,7 +782,7 @@
int fd;
unsigned int oldNumSec = 0;
- if ((fd = open(asecFileName, O_RDONLY)) < 0) {
+ if ((fd = open(asecFileName, O_RDONLY | O_CLOEXEC)) < 0) {
SLOGE("Failed to open ASEC file (%s)", strerror(errno));
return -1;
}
@@ -767,7 +927,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("ASEC finalize failed: couldn't construct mountPoint");
return -1;
@@ -830,7 +990,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("Unable remount to fix permissions for %s: couldn't construct mountpoint", id);
return -1;
@@ -868,7 +1028,7 @@
*/
const bool privateFile = !strcmp(ftsent->fts_name, filename);
- int fd = open(ftsent->fts_accpath, O_NOFOLLOW);
+ int fd = open(ftsent->fts_accpath, O_NOFOLLOW | O_CLOEXEC);
if (fd < 0) {
SLOGE("Couldn't open file %s: %s", ftsent->fts_accpath, strerror(errno));
result = -1;
@@ -893,7 +1053,7 @@
fts_close(fts);
// Finally make the directory readable by everyone.
- int dirfd = open(mountPoint, O_DIRECTORY);
+ int dirfd = open(mountPoint, O_DIRECTORY | O_CLOEXEC);
if (dirfd < 0 || fchmod(dirfd, 0755)) {
SLOGE("Couldn't change owner of existing directory %s: %s", mountPoint, strerror(errno));
result |= -1;
@@ -945,7 +1105,7 @@
asprintf(&asecFilename2, "%s/%s.asec", dir, id2);
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id1);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id1);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("Rename failed: couldn't construct mountpoint");
goto out_err;
@@ -957,7 +1117,7 @@
goto out_err;
}
- written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id2);
+ written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id2);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("Rename failed: couldn't construct mountpoint2");
goto out_err;
@@ -1005,7 +1165,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("ASEC unmount failed for %s: couldn't construct mountpoint", id);
return -1;
@@ -1029,7 +1189,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::LOOPDIR, idHash);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::LOOPDIR, idHash);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("OBB unmount failed for %s: couldn't construct mountpoint", fileName);
return -1;
@@ -1060,16 +1220,16 @@
SLOGW("%s unmount attempt %d failed (%s)",
id, i, strerror(errno));
- int action = 0; // default is to just complain
+ int signal = 0; // default is to just complain
if (force) {
if (i > (UNMOUNT_RETRIES - 2))
- action = 2; // SIGKILL
+ signal = SIGKILL;
else if (i > (UNMOUNT_RETRIES - 3))
- action = 1; // SIGHUP
+ signal = SIGTERM;
}
- Process::killProcessesWithOpenFiles(mountPoint, action);
+ Process::killProcessesWithOpenFiles(mountPoint, signal);
usleep(UNMOUNT_SLEEP_BETWEEN_RETRY_MS);
}
@@ -1141,7 +1301,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("ASEC destroy failed for %s: couldn't construct mountpoint", id);
return -1;
@@ -1201,7 +1361,7 @@
}
bool VolumeManager::isAsecInDirectory(const char *dir, const char *asecName) const {
- int dirfd = open(dir, O_DIRECTORY);
+ int dirfd = open(dir, O_DIRECTORY | O_CLOEXEC);
if (dirfd < 0) {
SLOGE("Couldn't open internal ASEC dir (%s)", strerror(errno));
return false;
@@ -1232,10 +1392,10 @@
}
const char *dir;
- if (isAsecInDirectory(Volume::SEC_ASECDIR_INT, asecName)) {
- dir = Volume::SEC_ASECDIR_INT;
- } else if (isAsecInDirectory(Volume::SEC_ASECDIR_EXT, asecName)) {
- dir = Volume::SEC_ASECDIR_EXT;
+ if (isAsecInDirectory(VolumeManager::SEC_ASECDIR_INT, asecName)) {
+ dir = VolumeManager::SEC_ASECDIR_INT;
+ } else if (isAsecInDirectory(VolumeManager::SEC_ASECDIR_EXT, asecName)) {
+ dir = VolumeManager::SEC_ASECDIR_EXT;
} else {
free(asecName);
return -1;
@@ -1273,7 +1433,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::ASECDIR, id);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::ASECDIR, id);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("ASEC mount failed for %s: couldn't construct mountpoint", id);
return -1;
@@ -1360,19 +1520,6 @@
return 0;
}
-Volume* VolumeManager::getVolumeForFile(const char *fileName) {
- VolumeCollection::iterator i;
-
- for (i = mVolumes->begin(); i != mVolumes->end(); ++i) {
- const char* mountPoint = (*i)->getFuseMountpoint();
- if (!strncmp(fileName, mountPoint, strlen(mountPoint))) {
- return *i;
- }
- }
-
- return NULL;
-}
-
/**
* Mounts an image file <code>img</code>.
*/
@@ -1385,7 +1532,7 @@
return -1;
}
- int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", Volume::LOOPDIR, idHash);
+ int written = snprintf(mountPoint, sizeof(mountPoint), "%s/%s", VolumeManager::LOOPDIR, idHash);
if ((written < 0) || (size_t(written) >= sizeof(mountPoint))) {
SLOGE("OBB mount failed for %s: couldn't construct mountpoint", img);
return -1;
@@ -1406,7 +1553,7 @@
int fd;
unsigned long nr_sec = 0;
- if ((fd = open(loopDevice, O_RDWR)) < 0) {
+ if ((fd = open(loopDevice, O_RDWR | O_CLOEXEC)) < 0) {
SLOGE("Failed to open loopdevice (%s)", strerror(errno));
Loop::destroyByDevice(loopDevice);
return -1;
@@ -1460,17 +1607,6 @@
return 0;
}
-int VolumeManager::mountVolume(const char *label) {
- Volume *v = lookupVolume(label);
-
- if (!v) {
- errno = ENOENT;
- return -1;
- }
-
- return v->mountVol();
-}
-
int VolumeManager::listMountedObbs(SocketClient* cli) {
FILE *fp = setmntent("/proc/mounts", "r");
if (fp == NULL) {
@@ -1479,16 +1615,16 @@
}
// Create a string to compare against that has a trailing slash
- int loopDirLen = strlen(Volume::LOOPDIR);
+ int loopDirLen = strlen(VolumeManager::LOOPDIR);
char loopDir[loopDirLen + 2];
- strcpy(loopDir, Volume::LOOPDIR);
+ strcpy(loopDir, VolumeManager::LOOPDIR);
loopDir[loopDirLen++] = '/';
loopDir[loopDirLen] = '\0';
mntent* mentry;
while ((mentry = getmntent(fp)) != NULL) {
if (!strncmp(mentry->mnt_dir, loopDir, loopDirLen)) {
- int fd = open(mentry->mnt_fsname, O_RDONLY);
+ int fd = open(mentry->mnt_fsname, O_RDONLY | O_CLOEXEC);
if (fd >= 0) {
struct loop_info64 li;
if (ioctl(fd, LOOP_GET_STATUS64, &li) >= 0) {
@@ -1503,299 +1639,9 @@
return 0;
}
-int VolumeManager::shareEnabled(const char *label, const char *method, bool *enabled) {
- Volume *v = lookupVolume(label);
-
- if (!v) {
- errno = ENOENT;
- return -1;
- }
-
- if (strcmp(method, "ums")) {
- errno = ENOSYS;
- return -1;
- }
-
- if (v->getState() != Volume::State_Shared) {
- *enabled = false;
- } else {
- *enabled = true;
- }
- return 0;
-}
-
-int VolumeManager::shareVolume(const char *label, const char *method) {
- Volume *v = lookupVolume(label);
-
- if (!v) {
- errno = ENOENT;
- return -1;
- }
-
- /*
- * Eventually, we'll want to support additional share back-ends,
- * some of which may work while the media is mounted. For now,
- * we just support UMS
- */
- if (strcmp(method, "ums")) {
- errno = ENOSYS;
- return -1;
- }
-
- if (v->getState() == Volume::State_NoMedia) {
- errno = ENODEV;
- return -1;
- }
-
- if (v->getState() != Volume::State_Idle) {
- // You need to unmount manually befoe sharing
- errno = EBUSY;
- return -1;
- }
-
- if (mVolManagerDisabled) {
- errno = EBUSY;
- return -1;
- }
-
- dev_t d = v->getShareDevice();
- if ((MAJOR(d) == 0) && (MINOR(d) == 0)) {
- // This volume does not support raw disk access
- errno = EINVAL;
- return -1;
- }
-
- int fd;
- char nodepath[255];
- int written = snprintf(nodepath,
- sizeof(nodepath), "/dev/block/vold/%d:%d",
- major(d), minor(d));
-
- if ((written < 0) || (size_t(written) >= sizeof(nodepath))) {
- SLOGE("shareVolume failed: couldn't construct nodepath");
- return -1;
- }
-
- if ((fd = open(MASS_STORAGE_FILE_PATH, O_WRONLY)) < 0) {
- SLOGE("Unable to open ums lunfile (%s)", strerror(errno));
- return -1;
- }
-
- if (write(fd, nodepath, strlen(nodepath)) < 0) {
- SLOGE("Unable to write to ums lunfile (%s)", strerror(errno));
- close(fd);
- return -1;
- }
-
- close(fd);
- v->handleVolumeShared();
- if (mUmsSharingCount++ == 0) {
- FILE* fp;
- mSavedDirtyRatio = -1; // in case we fail
- if ((fp = fopen("/proc/sys/vm/dirty_ratio", "r+"))) {
- char line[16];
- if (fgets(line, sizeof(line), fp) && sscanf(line, "%d", &mSavedDirtyRatio)) {
- fprintf(fp, "%d\n", mUmsDirtyRatio);
- } else {
- SLOGE("Failed to read dirty_ratio (%s)", strerror(errno));
- }
- fclose(fp);
- } else {
- SLOGE("Failed to open /proc/sys/vm/dirty_ratio (%s)", strerror(errno));
- }
- }
- return 0;
-}
-
-int VolumeManager::unshareVolume(const char *label, const char *method) {
- Volume *v = lookupVolume(label);
-
- if (!v) {
- errno = ENOENT;
- return -1;
- }
-
- if (strcmp(method, "ums")) {
- errno = ENOSYS;
- return -1;
- }
-
- if (v->getState() != Volume::State_Shared) {
- errno = EINVAL;
- return -1;
- }
-
- int fd;
- if ((fd = open(MASS_STORAGE_FILE_PATH, O_WRONLY)) < 0) {
- SLOGE("Unable to open ums lunfile (%s)", strerror(errno));
- return -1;
- }
-
- char ch = 0;
- if (write(fd, &ch, 1) < 0) {
- SLOGE("Unable to write to ums lunfile (%s)", strerror(errno));
- close(fd);
- return -1;
- }
-
- close(fd);
- v->handleVolumeUnshared();
- if (--mUmsSharingCount == 0 && mSavedDirtyRatio != -1) {
- FILE* fp;
- if ((fp = fopen("/proc/sys/vm/dirty_ratio", "r+"))) {
- fprintf(fp, "%d\n", mSavedDirtyRatio);
- fclose(fp);
- } else {
- SLOGE("Failed to open /proc/sys/vm/dirty_ratio (%s)", strerror(errno));
- }
- mSavedDirtyRatio = -1;
- }
- return 0;
-}
-
-extern "C" int vold_disableVol(const char *label) {
+extern "C" int vold_unmountAll(void) {
VolumeManager *vm = VolumeManager::Instance();
- vm->disableVolumeManager();
- vm->unshareVolume(label, "ums");
- return vm->unmountVolume(label, true, false);
-}
-
-extern "C" int vold_getNumDirectVolumes(void) {
- VolumeManager *vm = VolumeManager::Instance();
- return vm->getNumDirectVolumes();
-}
-
-int VolumeManager::getNumDirectVolumes(void) {
- VolumeCollection::iterator i;
- int n=0;
-
- for (i = mVolumes->begin(); i != mVolumes->end(); ++i) {
- if ((*i)->getShareDevice() != (dev_t)0) {
- n++;
- }
- }
- return n;
-}
-
-extern "C" int vold_getDirectVolumeList(struct volume_info *vol_list) {
- VolumeManager *vm = VolumeManager::Instance();
- return vm->getDirectVolumeList(vol_list);
-}
-
-int VolumeManager::getDirectVolumeList(struct volume_info *vol_list) {
- VolumeCollection::iterator i;
- int n=0;
- dev_t d;
-
- for (i = mVolumes->begin(); i != mVolumes->end(); ++i) {
- if ((d=(*i)->getShareDevice()) != (dev_t)0) {
- (*i)->getVolInfo(&vol_list[n]);
- snprintf(vol_list[n].blk_dev, sizeof(vol_list[n].blk_dev),
- "/dev/block/vold/%d:%d", major(d), minor(d));
- n++;
- }
- }
-
- return 0;
-}
-
-int VolumeManager::unmountVolume(const char *label, bool force, bool revert) {
- Volume *v = lookupVolume(label);
-
- if (!v) {
- errno = ENOENT;
- return -1;
- }
-
- if (v->getState() == Volume::State_NoMedia) {
- errno = ENODEV;
- return -1;
- }
-
- if (v->getState() != Volume::State_Mounted) {
- SLOGW("Attempt to unmount volume which isn't mounted (%d)\n",
- v->getState());
- errno = EBUSY;
- return UNMOUNT_NOT_MOUNTED_ERR;
- }
-
- cleanupAsec(v, force);
-
- return v->unmountVol(force, revert);
-}
-
-extern "C" int vold_unmountAllAsecs(void) {
- int rc;
-
- VolumeManager *vm = VolumeManager::Instance();
- rc = vm->unmountAllAsecsInDir(Volume::SEC_ASECDIR_EXT);
- if (vm->unmountAllAsecsInDir(Volume::SEC_ASECDIR_INT)) {
- rc = -1;
- }
- return rc;
-}
-
-#define ID_BUF_LEN 256
-#define ASEC_SUFFIX ".asec"
-#define ASEC_SUFFIX_LEN (sizeof(ASEC_SUFFIX) - 1)
-int VolumeManager::unmountAllAsecsInDir(const char *directory) {
- DIR *d = opendir(directory);
- int rc = 0;
-
- if (!d) {
- SLOGE("Could not open asec dir %s", directory);
- return -1;
- }
-
- size_t dirent_len = offsetof(struct dirent, d_name) +
- fpathconf(dirfd(d), _PC_NAME_MAX) + 1;
-
- struct dirent *dent = (struct dirent *) malloc(dirent_len);
- if (dent == NULL) {
- SLOGE("Failed to allocate memory for asec dir");
- return -1;
- }
-
- struct dirent *result;
- while (!readdir_r(d, dent, &result) && result != NULL) {
- if (dent->d_name[0] == '.')
- continue;
- if (dent->d_type != DT_REG)
- continue;
- size_t name_len = strlen(dent->d_name);
- if (name_len > 5 && name_len < (ID_BUF_LEN + ASEC_SUFFIX_LEN - 1) &&
- !strcmp(&dent->d_name[name_len - 5], ASEC_SUFFIX)) {
- char id[ID_BUF_LEN];
- strlcpy(id, dent->d_name, name_len - 4);
- if (unmountAsec(id, true)) {
- /* Register the error, but try to unmount more asecs */
- rc = -1;
- }
- }
- }
- closedir(d);
-
- free(dent);
-
- return rc;
-}
-
-/*
- * Looks up a volume by it's label or mount-point
- */
-Volume *VolumeManager::lookupVolume(const char *label) {
- VolumeCollection::iterator i;
-
- for (i = mVolumes->begin(); i != mVolumes->end(); ++i) {
- if (label[0] == '/') {
- if (!strcmp(label, (*i)->getFuseMountpoint()))
- return (*i);
- } else {
- if (!strcmp(label, (*i)->getLabel()))
- return (*i);
- }
- }
- return NULL;
+ return vm->unmountAll();
}
bool VolumeManager::isMountpointMounted(const char *mp)
@@ -1818,77 +1664,13 @@
return found_mp;
}
-int VolumeManager::cleanupAsec(Volume *v, bool force) {
- int rc = 0;
-
- char asecFileName[255];
-
- AsecIdCollection removeAsec;
- AsecIdCollection removeObb;
-
- for (AsecIdCollection::iterator it = mActiveContainers->begin(); it != mActiveContainers->end();
- ++it) {
- ContainerData* cd = *it;
-
- if (cd->type == ASEC) {
- if (findAsec(cd->id, asecFileName, sizeof(asecFileName))) {
- SLOGE("Couldn't find ASEC %s; cleaning up", cd->id);
- removeAsec.push_back(cd);
- } else {
- SLOGD("Found ASEC at path %s", asecFileName);
- if (!strncmp(asecFileName, Volume::SEC_ASECDIR_EXT,
- strlen(Volume::SEC_ASECDIR_EXT))) {
- removeAsec.push_back(cd);
- }
- }
- } else if (cd->type == OBB) {
- if (v == getVolumeForFile(cd->id)) {
- removeObb.push_back(cd);
- }
- } else {
- SLOGE("Unknown container type %d!", cd->type);
- }
- }
-
- for (AsecIdCollection::iterator it = removeAsec.begin(); it != removeAsec.end(); ++it) {
- ContainerData *cd = *it;
- SLOGI("Unmounting ASEC %s (dependent on %s)", cd->id, v->getLabel());
- if (unmountAsec(cd->id, force)) {
- SLOGE("Failed to unmount ASEC %s (%s)", cd->id, strerror(errno));
- rc = -1;
- }
- }
-
- for (AsecIdCollection::iterator it = removeObb.begin(); it != removeObb.end(); ++it) {
- ContainerData *cd = *it;
- SLOGI("Unmounting OBB %s (dependent on %s)", cd->id, v->getLabel());
- if (unmountObb(cd->id, force)) {
- SLOGE("Failed to unmount OBB %s (%s)", cd->id, strerror(errno));
- rc = -1;
- }
- }
-
- return rc;
-}
-
int VolumeManager::mkdirs(char* path) {
- // Require that path lives under a volume we manage and is mounted
- const char* emulated_source = getenv("EMULATED_STORAGE_SOURCE");
- const char* root = NULL;
- if (emulated_source && !strncmp(path, emulated_source, strlen(emulated_source))) {
- root = emulated_source;
+ // Only offer to create directories for paths managed by vold
+ if (strncmp(path, "/storage/", 9) == 0) {
+ // fs_mkdirs() does symlink checking and relative path enforcement
+ return fs_mkdirs(path, 0700);
} else {
- Volume* vol = getVolumeForFile(path);
- if (vol && vol->getState() == Volume::State_Mounted) {
- root = vol->getMountpoint();
- }
- }
-
- if (!root) {
SLOGE("Failed to find mounted volume for %s", path);
return -EINVAL;
}
-
- /* fs_mkdirs() does symlink checking and relative path enforcement */
- return fs_mkdirs(path, 0700);
}
diff --git a/VolumeManager.h b/VolumeManager.h
index 17fa6f7..e0b0ac8 100644
--- a/VolumeManager.h
+++ b/VolumeManager.h
@@ -14,16 +14,26 @@
* limitations under the License.
*/
-#ifndef _VOLUMEMANAGER_H
-#define _VOLUMEMANAGER_H
+#ifndef ANDROID_VOLD_VOLUME_MANAGER_H
+#define ANDROID_VOLD_VOLUME_MANAGER_H
#include <pthread.h>
+#include <fnmatch.h>
+#include <stdlib.h>
#ifdef __cplusplus
+
+#include <list>
+#include <mutex>
+#include <string>
+
+#include <cutils/multiuser.h>
#include <utils/List.h>
#include <sysutils/SocketListener.h>
+#include <sysutils/NetlinkEvent.h>
-#include "Volume.h"
+#include "Disk.h"
+#include "VolumeBase.h"
/* The length of an MD5 hash when encoded into ASCII hex characters */
#define MD5_ASCII_LENGTH_PLUS_NULL ((MD5_DIGEST_LENGTH*2)+1)
@@ -51,13 +61,17 @@
typedef android::List<ContainerData*> AsecIdCollection;
class VolumeManager {
+public:
+ static const char *SEC_ASECDIR_EXT;
+ static const char *SEC_ASECDIR_INT;
+ static const char *ASECDIR;
+ static const char *LOOPDIR;
+
private:
static VolumeManager *sInstance;
-private:
SocketListener *mBroadcaster;
- VolumeCollection *mVolumes;
AsecIdCollection *mActiveContainers;
bool mDebug;
@@ -65,26 +79,53 @@
int mUmsSharingCount;
int mSavedDirtyRatio;
int mUmsDirtyRatio;
- int mVolManagerDisabled;
public:
virtual ~VolumeManager();
+ // TODO: pipe all requests through VM to avoid exposing this lock
+ std::mutex& getLock() { return mLock; }
+
int start();
int stop();
void handleBlockEvent(NetlinkEvent *evt);
- int addVolume(Volume *v);
+ class DiskSource {
+ public:
+ DiskSource(const std::string& sysPattern, const std::string& nickname, int flags) :
+ mSysPattern(sysPattern), mNickname(nickname), mFlags(flags) {
+ }
- int listVolumes(SocketClient *cli, bool broadcast);
- int mountVolume(const char *label);
- int unmountVolume(const char *label, bool force, bool revert);
- int shareVolume(const char *label, const char *method);
- int unshareVolume(const char *label, const char *method);
- int shareEnabled(const char *path, const char *method, bool *enabled);
- int formatVolume(const char *label, bool wipe);
- void disableVolumeManager(void) { mVolManagerDisabled = 1; }
+ bool matches(const std::string& sysPath) {
+ return !fnmatch(mSysPattern.c_str(), sysPath.c_str(), 0);
+ }
+
+ const std::string& getNickname() { return mNickname; }
+ int getFlags() { return mFlags; }
+
+ private:
+ std::string mSysPattern;
+ std::string mNickname;
+ int mFlags;
+ };
+
+ void addDiskSource(const std::shared_ptr<DiskSource>& diskSource);
+
+ std::shared_ptr<android::vold::Disk> findDisk(const std::string& id);
+ std::shared_ptr<android::vold::VolumeBase> findVolume(const std::string& id);
+
+ int startUser(userid_t userId);
+ int cleanupUser(userid_t userId);
+
+ int setPrimary(const std::shared_ptr<android::vold::VolumeBase>& vol);
+
+ /* Reset all internal state, typically during framework boot */
+ int reset();
+ /* Prepare for device shutdown, safely unmounting all devices */
+ int shutdown();
+ /* Unmount all volumes, usually for encryption */
+ int unmountAll();
/* ASEC */
int findAsec(const char *id, char *asecPath = NULL, size_t asecPathLen = 0,
@@ -118,16 +159,11 @@
int unmountObb(const char *fileName, bool force);
int getObbMountPath(const char *id, char *buffer, int maxlen);
- Volume* getVolumeForFile(const char *fileName);
-
/* Shared between ASEC and Loopback images */
int unmountLoopImage(const char *containerId, const char *loopId,
const char *fileName, const char *mountPoint, bool force);
- void setDebug(bool enable);
-
- // XXX: Post froyo this should be moved and cleaned up
- int cleanupAsec(Volume *v, bool force);
+ int setDebug(bool enable);
void setBroadcaster(SocketListener *sl) { mBroadcaster = sl; }
SocketListener *getBroadcaster() { return mBroadcaster; }
@@ -136,11 +172,6 @@
static char *asecHash(const char *id, char *buffer, size_t len);
- Volume *lookupVolume(const char *label);
- int getNumDirectVolumes(void);
- int getDirectVolumeList(struct volume_info *vol_list);
- int unmountAllAsecsInDir(const char *directory);
-
/*
* Ensure that all directories along given path exist, creating parent
* directories as needed. Validates that given path is absolute and that
@@ -156,15 +187,24 @@
bool isMountpointMounted(const char *mp);
bool isAsecInDirectory(const char *dir, const char *asec) const;
bool isLegalAsecId(const char *id) const;
+
+ int linkPrimary(userid_t userId);
+
+ std::mutex mLock;
+
+ std::list<std::shared_ptr<DiskSource>> mDiskSources;
+ std::list<std::shared_ptr<android::vold::Disk>> mDisks;
+
+ std::list<userid_t> mUsers;
+
+ std::shared_ptr<android::vold::VolumeBase> mInternalEmulated;
+ std::shared_ptr<android::vold::VolumeBase> mPrimary;
};
extern "C" {
#endif /* __cplusplus */
#define UNMOUNT_NOT_MOUNTED_ERR -2
- int vold_disableVol(const char *label);
- int vold_getNumDirectVolumes(void);
- int vold_getDirectVolumeList(struct volume_info *v);
- int vold_unmountAllAsecs(void);
+ int vold_unmountAll(void);
#ifdef __cplusplus
}
#endif
diff --git a/cryptfs.c b/cryptfs.c
index 5422f52..154feee 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -237,20 +237,6 @@
// necessary, but is necessary to ensure consistency in
// implementations.
switch (ftr->kdf_type) {
- case KDF_SCRYPT_KEYMASTER_UNPADDED:
- // This is broken: It produces a message which is shorter than
- // the public modulus, failing criterion 2.
- memcpy(to_sign, object, object_size);
- to_sign_size = object_size;
- SLOGI("Signing unpadded object");
- break;
- case KDF_SCRYPT_KEYMASTER_BADLY_PADDED:
- // This is broken: Since the value of object is uniformly
- // distributed, it produces a message that is larger than the
- // public modulus with probability 0.25.
- memcpy(to_sign, object, min(RSA_KEY_SIZE_BYTES, object_size));
- SLOGI("Signing end-padded object");
- break;
case KDF_SCRYPT_KEYMASTER:
// This ensures the most significant byte of the signed message
// is zero. We could have zero-padded to the left instead, but
@@ -395,7 +381,7 @@
struct ext4_super_block sb;
off64_t len;
- if ((fd = open(dev, O_RDONLY)) < 0) {
+ if ((fd = open(dev, O_RDONLY|O_CLOEXEC)) < 0) {
SLOGE("Cannot open device to get filesystem size ");
return 0;
}
@@ -438,7 +424,7 @@
fs_mgr_get_crypt_info(fstab, key_loc, real_blkdev, sizeof(key_loc));
if (!strcmp(key_loc, KEY_IN_FOOTER)) {
- if ( (fd = open(real_blkdev, O_RDWR)) < 0) {
+ if ( (fd = open(real_blkdev, O_RDWR|O_CLOEXEC)) < 0) {
SLOGE("Cannot open real block device %s\n", real_blkdev);
return -1;
}
@@ -500,7 +486,7 @@
SLOGE("Unexpected value for crypto key location\n");
return -1;
}
- if ( (fd = open(fname, O_RDWR | O_CREAT, 0600)) < 0) {
+ if ( (fd = open(fname, O_RDWR | O_CREAT|O_CLOEXEC, 0600)) < 0) {
SLOGE("Cannot open footer file %s for put\n", fname);
return -1;
}
@@ -638,7 +624,7 @@
SLOGE("Unexpected value for crypto key location\n");
return -1;
}
- if ( (fd = open(fname, O_RDWR)) < 0) {
+ if ( (fd = open(fname, O_RDWR|O_CLOEXEC)) < 0) {
SLOGE("Cannot open footer file %s for get\n", fname);
return -1;
}
@@ -763,7 +749,7 @@
return -1;
}
- fd = open(fname, O_RDONLY);
+ fd = open(fname, O_RDONLY|O_CLOEXEC);
if (fd < 0) {
SLOGE("Cannot open %s metadata file", fname);
return -1;
@@ -844,7 +830,7 @@
return -1;
}
- fd = open(fname, O_RDWR);
+ fd = open(fname, O_RDWR|O_CLOEXEC);
if (fd < 0) {
SLOGE("Cannot open %s metadata file", fname);
return -1;
@@ -960,9 +946,8 @@
/* Convert a binary key of specified length into an ascii hex string equivalent,
* without the leading 0x and with null termination
*/
-static void convert_key_to_hex_ascii(unsigned char *master_key, unsigned int keysize,
- char *master_key_ascii)
-{
+static void convert_key_to_hex_ascii(const unsigned char *master_key,
+ unsigned int keysize, char *master_key_ascii) {
unsigned int i, a;
unsigned char nibble;
@@ -980,10 +965,9 @@
}
-static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr, unsigned char *master_key,
- char *real_blk_name, const char *name, int fd,
- char *extra_params)
-{
+static int load_crypto_mapping_table(struct crypt_mnt_ftr *crypt_ftr,
+ const unsigned char *master_key, const char *real_blk_name,
+ const char *name, int fd, const char *extra_params) {
_Alignas(struct dm_ioctl) char buffer[DM_CRYPT_BUF_SIZE];
struct dm_ioctl *io;
struct dm_target_spec *tgt;
@@ -1072,9 +1056,9 @@
return -1;
}
-static int create_crypto_blk_dev(struct crypt_mnt_ftr *crypt_ftr, unsigned char *master_key,
- char *real_blk_name, char *crypto_blk_name, const char *name)
-{
+static int create_crypto_blk_dev(struct crypt_mnt_ftr *crypt_ftr,
+ const unsigned char *master_key, const char *real_blk_name,
+ char *crypto_blk_name, const char *name) {
char buffer[DM_CRYPT_BUF_SIZE];
struct dm_ioctl *io;
unsigned int minor;
@@ -1084,7 +1068,7 @@
char *extra_params;
int load_count;
- if ((fd = open("/dev/device-mapper", O_RDWR)) < 0 ) {
+ if ((fd = open("/dev/device-mapper", O_RDWR|O_CLOEXEC)) < 0 ) {
SLOGE("Cannot open device-mapper\n");
goto errout;
}
@@ -1149,7 +1133,7 @@
struct dm_ioctl *io;
int retval = -1;
- if ((fd = open("/dev/device-mapper", O_RDWR)) < 0 ) {
+ if ((fd = open("/dev/device-mapper", O_RDWR|O_CLOEXEC)) < 0 ) {
SLOGE("Cannot open device-mapper\n");
goto errout;
}
@@ -1275,8 +1259,6 @@
get_device_scrypt_params(crypt_ftr);
switch (crypt_ftr->kdf_type) {
- case KDF_SCRYPT_KEYMASTER_UNPADDED:
- case KDF_SCRYPT_KEYMASTER_BADLY_PADDED:
case KDF_SCRYPT_KEYMASTER:
if (keymaster_create_key(crypt_ftr)) {
SLOGE("keymaster_create_key failed");
@@ -1397,9 +1379,7 @@
static void get_kdf_func(struct crypt_mnt_ftr *ftr, kdf_func *kdf, void** kdf_params)
{
- if (ftr->kdf_type == KDF_SCRYPT_KEYMASTER_UNPADDED ||
- ftr->kdf_type == KDF_SCRYPT_KEYMASTER_BADLY_PADDED ||
- ftr->kdf_type == KDF_SCRYPT_KEYMASTER) {
+ if (ftr->kdf_type == KDF_SCRYPT_KEYMASTER) {
*kdf = scrypt_keymaster;
*kdf_params = ftr;
} else if (ftr->kdf_type == KDF_SCRYPT) {
@@ -1437,7 +1417,7 @@
unsigned char key_buf[KEY_LEN_BYTES];
/* Get some random bits for a key */
- fd = open("/dev/urandom", O_RDONLY);
+ fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC);
read(fd, key_buf, sizeof(key_buf));
read(fd, salt, SALT_LEN);
close(fd);
@@ -1470,10 +1450,10 @@
if (kill) {
if (i == (WAIT_UNMOUNT_COUNT - 3)) {
SLOGW("sending SIGHUP to processes with open files\n");
- vold_killProcessesWithOpenFiles(mountpoint, 1);
+ vold_killProcessesWithOpenFiles(mountpoint, SIGTERM);
} else if (i == (WAIT_UNMOUNT_COUNT - 2)) {
SLOGW("sending SIGKILL to processes with open files\n");
- vold_killProcessesWithOpenFiles(mountpoint, 2);
+ vold_killProcessesWithOpenFiles(mountpoint, SIGKILL);
}
}
@@ -1904,36 +1884,18 @@
return rc;
}
-/* Called by vold when it wants to undo the crypto mapping of a volume it
- * manages. This is usually in response to a factory reset, when we want
- * to undo the crypto mapping so the volume is formatted in the clear.
- */
-int cryptfs_revert_volume(const char *label)
-{
- return delete_crypto_blk_dev((char *)label);
-}
-
/*
- * Called by vold when it's asked to mount an encrypted, nonremovable volume.
- * Setup a dm-crypt mapping, use the saved master key from
- * setting up the /data mapping, and return the new device path.
+ * Called by vold when it's asked to mount an encrypted external
+ * storage volume. The incoming partition has no crypto header/footer,
+ * as any metadata is been stored in a separate, small partition.
+ *
+ * out_crypto_blkdev must be MAXPATHLEN.
*/
-int cryptfs_setup_volume(const char *label, int major, int minor,
- char *crypto_sys_path, unsigned int max_path,
- int *new_major, int *new_minor)
-{
- char real_blkdev[MAXPATHLEN], crypto_blkdev[MAXPATHLEN];
- struct crypt_mnt_ftr sd_crypt_ftr;
- struct stat statbuf;
-
- sprintf(real_blkdev, "/dev/block/vold/%d:%d", major, minor);
-
- get_crypt_ftr_and_key(&sd_crypt_ftr);
-
- /* Update the fs_size field to be the size of the volume */
- int fd = open(real_blkdev, O_RDONLY);
+int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
+ const unsigned char* key, int keysize, char* out_crypto_blkdev) {
+ int fd = open(real_blkdev, O_RDONLY|O_CLOEXEC);
if (fd == -1) {
- SLOGE("Cannot open volume %s\n", real_blkdev);
+ SLOGE("Failed to open %s: %s", real_blkdev, strerror(errno));
return -1;
}
@@ -1942,25 +1904,26 @@
close(fd);
if (nr_sec == 0) {
- SLOGE("Cannot get size of volume %s\n", real_blkdev);
+ SLOGE("Failed to get size of %s: %s", real_blkdev, strerror(errno));
return -1;
}
- sd_crypt_ftr.fs_size = nr_sec;
- create_crypto_blk_dev(&sd_crypt_ftr, saved_master_key, real_blkdev,
- crypto_blkdev, label);
+ struct crypt_mnt_ftr ext_crypt_ftr;
+ memset(&ext_crypt_ftr, 0, sizeof(ext_crypt_ftr));
+ ext_crypt_ftr.fs_size = nr_sec;
+ ext_crypt_ftr.keysize = keysize;
+ strcpy((char*) ext_crypt_ftr.crypto_type_name, "aes-cbc-essiv:sha256");
- if (stat(crypto_blkdev, &statbuf) < 0) {
- SLOGE("Error get stat for crypto_blkdev %s. err=%d(%s)\n",
- crypto_blkdev, errno, strerror(errno));
- }
- *new_major = MAJOR(statbuf.st_rdev);
- *new_minor = MINOR(statbuf.st_rdev);
+ return create_crypto_blk_dev(&ext_crypt_ftr, key, real_blkdev,
+ out_crypto_blkdev, label);
+}
- /* Create path to sys entry for this block device */
- snprintf(crypto_sys_path, max_path, "/devices/virtual/block/%s", strrchr(crypto_blkdev, '/')+1);
-
- return 0;
+/*
+ * Called by vold when it's asked to unmount an encrypted external
+ * storage volume.
+ */
+int cryptfs_revert_ext_volume(const char* label) {
+ return delete_crypto_blk_dev((char*) label);
}
int cryptfs_crypto_complete(void)
@@ -2491,14 +2454,14 @@
data.real_blkdev = real_blkdev;
data.crypto_blkdev = crypto_blkdev;
- if ( (data.realfd = open(real_blkdev, O_RDWR)) < 0) {
+ if ( (data.realfd = open(real_blkdev, O_RDWR|O_CLOEXEC)) < 0) {
SLOGE("Error opening real_blkdev %s for inplace encrypt. err=%d(%s)\n",
real_blkdev, errno, strerror(errno));
rc = -1;
goto errout;
}
- if ( (data.cryptofd = open(crypto_blkdev, O_WRONLY)) < 0) {
+ if ( (data.cryptofd = open(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
SLOGE("Error opening crypto_blkdev %s for ext4 inplace encrypt. err=%d(%s)\n",
crypto_blkdev, errno, strerror(errno));
rc = ENABLE_INPLACE_ERR_DEV;
@@ -2622,12 +2585,12 @@
data.crypto_blkdev = crypto_blkdev;
data.realfd = -1;
data.cryptofd = -1;
- if ( (data.realfd = open64(real_blkdev, O_RDWR)) < 0) {
+ if ( (data.realfd = open64(real_blkdev, O_RDWR|O_CLOEXEC)) < 0) {
SLOGE("Error opening real_blkdev %s for f2fs inplace encrypt\n",
real_blkdev);
goto errout;
}
- if ( (data.cryptofd = open64(crypto_blkdev, O_WRONLY)) < 0) {
+ if ( (data.cryptofd = open64(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
SLOGE("Error opening crypto_blkdev %s for f2fs inplace encrypt. err=%d(%s)\n",
crypto_blkdev, errno, strerror(errno));
rc = ENABLE_INPLACE_ERR_DEV;
@@ -2694,12 +2657,12 @@
off64_t one_pct, cur_pct, new_pct;
off64_t blocks_already_done, tot_numblocks;
- if ( (realfd = open(real_blkdev, O_RDONLY)) < 0) {
+ if ( (realfd = open(real_blkdev, O_RDONLY|O_CLOEXEC)) < 0) {
SLOGE("Error opening real_blkdev %s for inplace encrypt\n", real_blkdev);
return ENABLE_INPLACE_ERR_OTHER;
}
- if ( (cryptofd = open(crypto_blkdev, O_WRONLY)) < 0) {
+ if ( (cryptofd = open(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
SLOGE("Error opening crypto_blkdev %s for inplace encrypt. err=%d(%s)\n",
crypto_blkdev, errno, strerror(errno));
close(realfd);
@@ -2855,15 +2818,9 @@
#define FRAMEWORK_BOOT_WAIT 60
-static inline int should_encrypt(struct volume_info *volume)
-{
- return (volume->flags & (VOL_ENCRYPTABLE | VOL_NONREMOVABLE)) ==
- (VOL_ENCRYPTABLE | VOL_NONREMOVABLE);
-}
-
static int cryptfs_SHA256_fileblock(const char* filename, __le8* buf)
{
- int fd = open(filename, O_RDONLY);
+ int fd = open(filename, O_RDONLY|O_CLOEXEC);
if (fd == -1) {
SLOGE("Error opening file %s", filename);
return -1;
@@ -2963,10 +2920,7 @@
char encrypted_state[PROPERTY_VALUE_MAX];
char lockid[32] = { 0 };
char key_loc[PROPERTY_VALUE_MAX];
- char fuse_sdcard[PROPERTY_VALUE_MAX];
- char *sd_mnt_point;
int num_vols;
- struct volume_info *vol_list = 0;
off64_t previously_encrypted_upto = 0;
if (!strcmp(howarg, "wipe")) {
@@ -3006,7 +2960,7 @@
fs_mgr_get_crypt_info(fstab, 0, real_blkdev, sizeof(real_blkdev));
/* Get the size of the real block device */
- int fd = open(real_blkdev, O_RDONLY);
+ int fd = open(real_blkdev, O_RDONLY|O_CLOEXEC);
if (fd == -1) {
SLOGE("Cannot open block device %s\n", real_blkdev);
goto error_unencrypted;
@@ -3041,55 +2995,15 @@
snprintf(lockid, sizeof(lockid), "enablecrypto%d", (int) getpid());
acquire_wake_lock(PARTIAL_WAKE_LOCK, lockid);
- /* Get the sdcard mount point */
- sd_mnt_point = getenv("EMULATED_STORAGE_SOURCE");
- if (!sd_mnt_point) {
- sd_mnt_point = getenv("EXTERNAL_STORAGE");
- }
- if (!sd_mnt_point) {
- sd_mnt_point = "/mnt/sdcard";
- }
-
- /* TODO
- * Currently do not have test devices with multiple encryptable volumes.
- * When we acquire some, re-add support.
- */
- num_vols=vold_getNumDirectVolumes();
- vol_list = malloc(sizeof(struct volume_info) * num_vols);
- vold_getDirectVolumeList(vol_list);
-
- for (i=0; i<num_vols; i++) {
- if (should_encrypt(&vol_list[i])) {
- SLOGE("Cannot encrypt if there are multiple encryptable volumes"
- "%s\n", vol_list[i].label);
- goto error_unencrypted;
- }
- }
-
/* The init files are setup to stop the class main and late start when
* vold sets trigger_shutdown_framework.
*/
property_set("vold.decrypt", "trigger_shutdown_framework");
SLOGD("Just asked init to shut down class main\n");
- if (vold_unmountAllAsecs()) {
- /* Just report the error. If any are left mounted,
- * umounting /data below will fail and handle the error.
- */
- SLOGE("Error unmounting internal asecs");
- }
-
- property_get("ro.crypto.fuse_sdcard", fuse_sdcard, "");
- if (!strcmp(fuse_sdcard, "true")) {
- /* This is a device using the fuse layer to emulate the sdcard semantics
- * on top of the userdata partition. vold does not manage it, it is managed
- * by the sdcard service. The sdcard service was killed by the property trigger
- * above, so just unmount it now. We must do this _AFTER_ killing the framework,
- * unlike the case for vold managed devices above.
- */
- if (wait_and_unmount(sd_mnt_point, false)) {
- goto error_shutting_down;
- }
+ /* Ask vold to unmount all devices that it manages */
+ if (vold_unmountAll()) {
+ SLOGE("Failed to unmount all vold managed devices");
}
/* Now unmount the /data partition. */
@@ -3237,8 +3151,6 @@
/* Undo the dm-crypt mapping whether we succeed or not */
delete_crypto_blk_dev("userdata");
- free(vol_list);
-
if (! rc) {
/* Success */
crypt_ftr.flags &= ~CRYPT_INCONSISTENT_STATE;
@@ -3279,7 +3191,7 @@
/* wipe data if encryption failed */
SLOGE("encryption failed - rebooting into recovery to wipe data\n");
mkdir("/cache/recovery", 0700);
- int fd = open("/cache/recovery/command", O_RDWR|O_CREAT|O_TRUNC, 0600);
+ int fd = open("/cache/recovery/command", O_RDWR|O_CREAT|O_TRUNC|O_CLOEXEC, 0600);
if (fd >= 0) {
write(fd, "--wipe_data\n", strlen("--wipe_data\n") + 1);
write(fd, "--reason=cryptfs_enable_internal\n", strlen("--reason=cryptfs_enable_internal\n") + 1);
@@ -3305,7 +3217,6 @@
return rc;
error_unencrypted:
- free(vol_list);
property_set("vold.encrypt_progress", "error_not_encrypted");
if (lockid[0]) {
release_wake_lock(lockid);
@@ -3322,7 +3233,6 @@
/* shouldn't get here */
property_set("vold.encrypt_progress", "error_shutting_down");
- free(vol_list);
if (lockid[0]) {
release_wake_lock(lockid);
}
@@ -3355,6 +3265,7 @@
}
struct crypt_mnt_ftr crypt_ftr;
+ int rc;
/* This is only allowed after we've successfully decrypted the master key */
if (!master_key_saved) {
@@ -3380,18 +3291,20 @@
newpw = adjusted_passwd;
}
- encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD
+ rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD
: newpw,
crypt_ftr.salt,
saved_master_key,
crypt_ftr.master_key,
&crypt_ftr);
-
+ free(adjusted_passwd);
+ if (rc) {
+ SLOGE("Encrypt master key failed: %d", rc);
+ return -1;
+ }
/* save the key */
put_crypt_ftr_and_key(&crypt_ftr);
- free(adjusted_passwd);
-
#ifdef CONFIG_HW_DISK_ENCRYPTION
if (!strcmp((char *)crypt_ftr.crypto_type_name, "aes-xts")) {
if (crypt_type == CRYPT_TYPE_DEFAULT) {
diff --git a/cryptfs.h b/cryptfs.h
index 7f082cc..94684e2 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -72,10 +72,7 @@
/* Key Derivation Function algorithms */
#define KDF_PBKDF2 1
#define KDF_SCRYPT 2
-/* TODO(paullawrence): Remove KDF_SCRYPT_KEYMASTER_UNPADDED and KDF_SCRYPT_KEYMASTER_BADLY_PADDED
- * when it is safe to do so. */
-#define KDF_SCRYPT_KEYMASTER_UNPADDED 3
-#define KDF_SCRYPT_KEYMASTER_BADLY_PADDED 4
+/* Algorithms 3 & 4 deprecated before shipping outside of google, so removed */
#define KDF_SCRYPT_KEYMASTER 5
/* Maximum allowed keymaster blob size. */
@@ -176,20 +173,6 @@
struct crypt_persist_entry persist_entry[0];
};
-struct volume_info {
- unsigned int size;
- unsigned int flags;
- struct crypt_mnt_ftr crypt_ftr;
- char mnt_point[256];
- char blk_dev[256];
- char crypto_blkdev[256];
- char label[256];
-};
-#define VOL_NONREMOVABLE 0x1
-#define VOL_ENCRYPTABLE 0x2
-#define VOL_PRIMARY 0x4
-#define VOL_PROVIDES_ASEC 0x8
-
#define DATA_MNT_POINT "/data"
/* Return values for cryptfs_crypto_complete */
@@ -238,11 +221,10 @@
int cryptfs_enable(char *flag, int type, char *passwd, int allow_reboot);
int cryptfs_changepw(int type, const char *newpw);
int cryptfs_enable_default(char *flag, int allow_reboot);
+ int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
+ const unsigned char* key, int keysize, char* out_crypto_blkdev);
+ int cryptfs_revert_ext_volume(const char* label);
int cryptfs_enable_file();
- int cryptfs_setup_volume(const char *label, int major, int minor,
- char *crypto_dev_path, unsigned int max_pathlen,
- int *new_major, int *new_minor);
- int cryptfs_revert_volume(const char *label);
int cryptfs_getfield(const char *fieldname, char *value, int len);
int cryptfs_setfield(const char *fieldname, const char *value);
int cryptfs_mount_default_encrypted(void);
diff --git a/fstrim.c b/fstrim.c
index 2c24fc9..60c9f24 100644
--- a/fstrim.c
+++ b/fstrim.c
@@ -64,6 +64,7 @@
struct fstrim_range range = { 0 };
extern struct fstab *fstab;
int deep_trim = !!thread_arg;
+ struct fstab_rec *prev_rec = NULL;
SLOGI("Starting fstrim work...\n");
@@ -88,6 +89,16 @@
if (fs_mgr_is_voldmanaged(&fstab->recs[i])) {
continue; /* Should we trim fat32 filesystems? */
}
+ if (fs_mgr_is_notrim(&fstab->recs[i])) {
+ continue;
+ }
+
+ /* Skip the multi-type partitions, which are required to be following each other.
+ * See fs_mgr.c's mount_with_alternatives().
+ */
+ if (prev_rec && !strcmp(prev_rec->mount_point, fstab->recs[i].mount_point)) {
+ continue;
+ }
fd = open(fstab->recs[i].mount_point, O_RDONLY | O_DIRECTORY | O_CLOEXEC | O_NOFOLLOW);
if (fd < 0) {
@@ -108,6 +119,7 @@
SLOGI("Trimmed %llu bytes on %s\n", range.len, fstab->recs[i].mount_point);
}
close(fd);
+ prev_rec = &fstab->recs[i];
}
/* Log the finish time in the event log */
diff --git a/main.cpp b/main.cpp
index c07f48d..ed2a88a 100644
--- a/main.cpp
+++ b/main.cpp
@@ -14,49 +14,59 @@
* limitations under the License.
*/
+#include "Disk.h"
+#include "VolumeManager.h"
+#include "CommandListener.h"
+#include "NetlinkManager.h"
+#include "cryptfs.h"
+#include "sehandle.h"
+
+#include <base/logging.h>
+#include <base/stringprintf.h>
+#include <cutils/klog.h>
+#include <cutils/properties.h>
+#include <cutils/sockets.h>
+
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
-
+#include <getopt.h>
#include <fcntl.h>
#include <dirent.h>
#include <fs_mgr.h>
-#define LOG_TAG "Vold"
-
-#include "cutils/klog.h"
-#include "cutils/log.h"
-#include "cutils/properties.h"
-
-#include "VolumeManager.h"
-#include "CommandListener.h"
-#include "NetlinkManager.h"
-#include "DirectVolume.h"
-#include "cryptfs.h"
-#include "sehandle.h"
-
static int process_config(VolumeManager *vm);
static void coldboot(const char *path);
+static void parse_args(int argc, char** argv);
-#define FSTAB_PREFIX "/fstab."
struct fstab *fstab;
struct selabel_handle *sehandle;
-int main() {
+using android::base::StringPrintf;
+
+int main(int argc, char** argv) {
+ setenv("ANDROID_LOG_TAGS", "*:v", 1);
+ android::base::InitLogging(argv, android::base::LogdLogger(android::base::SYSTEM));
+
+ LOG(INFO) << "Vold 3.0 (the awakening) firing up";
VolumeManager *vm;
CommandListener *cl;
NetlinkManager *nm;
- SLOGI("Vold 2.1 (the revenge) firing up");
+ parse_args(argc, argv);
sehandle = selinux_android_file_context_handle();
- if (sehandle)
+ if (sehandle) {
selinux_android_set_sehandle(sehandle);
+ }
+
+ // Quickly throw a CLOEXEC on the socket we just inherited from init
+ fcntl(android_get_control_socket("vold"), F_SETFD, FD_CLOEXEC);
mkdir("/dev/block/vold", 0755);
@@ -65,31 +75,34 @@
/* Create our singleton managers */
if (!(vm = VolumeManager::Instance())) {
- SLOGE("Unable to create VolumeManager");
+ LOG(ERROR) << "Unable to create VolumeManager";
exit(1);
- };
+ }
if (!(nm = NetlinkManager::Instance())) {
- SLOGE("Unable to create NetlinkManager");
+ LOG(ERROR) << "Unable to create NetlinkManager";
exit(1);
- };
+ }
+ if (property_get_bool("vold.debug", false)) {
+ vm->setDebug(true);
+ }
cl = new CommandListener();
vm->setBroadcaster((SocketListener *) cl);
nm->setBroadcaster((SocketListener *) cl);
if (vm->start()) {
- SLOGE("Unable to start VolumeManager (%s)", strerror(errno));
+ PLOG(ERROR) << "Unable to start VolumeManager";
exit(1);
}
if (process_config(vm)) {
- SLOGE("Error reading configuration (%s)... continuing anyways", strerror(errno));
+ PLOG(ERROR) << "Error reading configuration... continuing anyways";
}
if (nm->start()) {
- SLOGE("Unable to start NetlinkManager (%s)", strerror(errno));
+ PLOG(ERROR) << "Unable to start NetlinkManager";
exit(1);
}
@@ -100,7 +113,7 @@
* Now that we're up, we can respond to commands
*/
if (cl->startListener()) {
- SLOGE("Unable to start CommandListener (%s)", strerror(errno));
+ PLOG(ERROR) << "Unable to start CommandListener";
exit(1);
}
@@ -109,18 +122,41 @@
sleep(1000);
}
- SLOGI("Vold exiting");
+ LOG(ERROR) << "Vold exiting";
exit(0);
}
-static void do_coldboot(DIR *d, int lvl)
-{
+static void parse_args(int argc, char** argv) {
+ static struct option opts[] = {
+ {"blkid_context", required_argument, 0, 'b' },
+ {"blkid_untrusted_context", required_argument, 0, 'B' },
+ {"fsck_context", required_argument, 0, 'f' },
+ {"fsck_untrusted_context", required_argument, 0, 'F' },
+ };
+
+ int c;
+ while ((c = getopt_long(argc, argv, "", opts, nullptr)) != -1) {
+ switch (c) {
+ case 'b': android::vold::sBlkidContext = optarg; break;
+ case 'B': android::vold::sBlkidUntrustedContext = optarg; break;
+ case 'f': android::vold::sFsckContext = optarg; break;
+ case 'F': android::vold::sFsckUntrustedContext = optarg; break;
+ }
+ }
+
+ CHECK(android::vold::sBlkidContext != nullptr);
+ CHECK(android::vold::sBlkidUntrustedContext != nullptr);
+ CHECK(android::vold::sFsckContext != nullptr);
+ CHECK(android::vold::sFsckUntrustedContext != nullptr);
+}
+
+static void do_coldboot(DIR *d, int lvl) {
struct dirent *de;
int dfd, fd;
dfd = dirfd(d);
- fd = openat(dfd, "uevent", O_WRONLY);
+ fd = openat(dfd, "uevent", O_WRONLY | O_CLOEXEC);
if(fd >= 0) {
write(fd, "add\n", 4);
close(fd);
@@ -149,8 +185,7 @@
}
}
-static void coldboot(const char *path)
-{
+static void coldboot(const char *path) {
DIR *d = opendir(path);
if(d) {
do_coldboot(d, 0);
@@ -158,55 +193,47 @@
}
}
-static int process_config(VolumeManager *vm)
-{
- char fstab_filename[PROPERTY_VALUE_MAX + sizeof(FSTAB_PREFIX)];
- char propbuf[PROPERTY_VALUE_MAX];
- int i;
- int ret = -1;
- int flags;
+static int process_config(VolumeManager *vm) {
+ char hardware[PROPERTY_VALUE_MAX];
+ property_get("ro.hardware", hardware, "");
+ std::string fstab_filename(StringPrintf("/fstab.%s", hardware));
- property_get("ro.hardware", propbuf, "");
- snprintf(fstab_filename, sizeof(fstab_filename), FSTAB_PREFIX"%s", propbuf);
+#ifdef DEBUG_FSTAB
+ if (access(DEBUG_FSTAB, R_OK) == 0) {
+ LOG(DEBUG) << "Found debug fstab; switching!";
+ fstab_filename = DEBUG_FSTAB;
+ }
+#endif
- fstab = fs_mgr_read_fstab(fstab_filename);
+ fstab = fs_mgr_read_fstab(fstab_filename.c_str());
if (!fstab) {
- SLOGE("failed to open %s\n", fstab_filename);
+ PLOG(ERROR) << "Failed to open " << fstab_filename;
return -1;
}
/* Loop through entries looking for ones that vold manages */
- for (i = 0; i < fstab->num_entries; i++) {
+ for (int i = 0; i < fstab->num_entries; i++) {
if (fs_mgr_is_voldmanaged(&fstab->recs[i])) {
- DirectVolume *dv = NULL;
- flags = 0;
-
- /* Set any flags that might be set for this volume */
if (fs_mgr_is_nonremovable(&fstab->recs[i])) {
- flags |= VOL_NONREMOVABLE;
+ LOG(WARNING) << "nonremovable no longer supported; ignoring volume";
+ continue;
}
+
+ std::string sysPattern(fstab->recs[i].blk_device);
+ std::string nickname(fstab->recs[i].label);
+ int flags = 0;
+
if (fs_mgr_is_encryptable(&fstab->recs[i])) {
- flags |= VOL_ENCRYPTABLE;
+ flags |= android::vold::Disk::Flags::kAdoptable;
}
- /* Only set this flag if there is not an emulated sd card */
- if (fs_mgr_is_noemulatedsd(&fstab->recs[i]) &&
- !strcmp(fstab->recs[i].fs_type, "vfat")) {
- flags |= VOL_PROVIDES_ASEC;
- }
- dv = new DirectVolume(vm, &(fstab->recs[i]), flags);
-
- if (dv->addPath(fstab->recs[i].blk_device)) {
- SLOGE("Failed to add devpath %s to volume %s",
- fstab->recs[i].blk_device, fstab->recs[i].label);
- goto out_fail;
+ if (fs_mgr_is_noemulatedsd(&fstab->recs[i])) {
+ flags |= android::vold::Disk::Flags::kDefaultPrimary;
}
- vm->addVolume(dv);
+ vm->addDiskSource(std::shared_ptr<VolumeManager::DiskSource>(
+ new VolumeManager::DiskSource(sysPattern, nickname, flags)));
}
}
- ret = 0;
-
-out_fail:
- return ret;
+ return 0;
}