vold: remove checkEncryption
The testing-only "checkEncryption" command has been replaced with
VtsKernelEncryptionTest [1]. In particular, the metadata encryption
documentation [2] no longer mentions checkEncryption but rather
recommends running VtsKernelEncryptionTest. Also, checkEncryption
hasn't really been maintained, and it has some known bugs; it's unclear
that many people ever really used it.
So, just remove it.
[1] https://android.googlesource.com/platform/test/vts-testcase/kernel/+/refs/heads/master/encryption/
[2] https://source.android.com/security/encryption/metadata#tests
Bug: 155037012
Change-Id: I258829c60768fd11aafdf2faad956cecc1ae9826
diff --git a/Android.bp b/Android.bp
index 0ffc8f9..b69dd5a 100644
--- a/Android.bp
+++ b/Android.bp
@@ -109,7 +109,6 @@
srcs: [
"AppFuseUtil.cpp",
"Benchmark.cpp",
- "CheckEncryption.cpp",
"Checkpoint.cpp",
"CryptoType.cpp",
"Devmapper.cpp",
diff --git a/CheckEncryption.cpp b/CheckEncryption.cpp
deleted file mode 100644
index ffa3698..0000000
--- a/CheckEncryption.cpp
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "CheckEncryption.h"
-#include "FileDeviceUtils.h"
-#include "Utils.h"
-#include "VolumeManager.h"
-
-#include <android-base/file.h>
-#include <android-base/logging.h>
-#include <android-base/unique_fd.h>
-#include <cutils/iosched_policy.h>
-#include <private/android_filesystem_config.h>
-
-#include <sstream>
-
-#include <sys/resource.h>
-#include <sys/time.h>
-#include <unistd.h>
-
-#include <assert.h>
-#include <fcntl.h>
-#include <linux/fs.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <fcntl.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-
-using android::base::unique_fd;
-
-using android::base::ReadFileToString;
-using android::base::WriteStringToFile;
-
-namespace android {
-namespace vold {
-
-constexpr uint32_t max_extents = 32;
-constexpr size_t bytecount = 8;
-constexpr int repeats = 256;
-
-bool check_file(const std::string& needle) {
- LOG(DEBUG) << "checkEncryption check_file: " << needle;
- auto haystack = android::vold::BlockDeviceForPath(needle);
- if (haystack.empty()) {
- LOG(ERROR) << "Failed to find device for path: " << needle;
- return false;
- }
-
- std::string randombytes;
- if (ReadRandomBytes(bytecount, randombytes) != 0) {
- LOG(ERROR) << "Failed to read random bytes";
- return false;
- }
- std::string randomhex;
- StrToHex(randombytes, randomhex);
- std::ostringstream os;
- for (int i = 0; i < repeats; i++) os << randomhex;
- auto towrite = os.str();
-
- if (access(needle.c_str(), F_OK) == 0) {
- if (unlink(needle.c_str()) != 0) {
- PLOG(ERROR) << "Failed to unlink " << needle;
- return false;
- }
- }
- LOG(DEBUG) << "Writing to " << needle;
- if (!WriteStringToFile(towrite, needle)) {
- PLOG(ERROR) << "Failed to write " << needle;
- return false;
- }
- sync();
-
- unique_fd haystack_fd(open(haystack.c_str(), O_RDONLY | O_CLOEXEC));
- if (haystack_fd.get() == -1) {
- PLOG(ERROR) << "Failed to open " << haystack;
- return false;
- }
-
- auto fiemap = PathFiemap(needle, max_extents);
-
- std::string area;
- for (uint32_t i = 0; i < fiemap->fm_mapped_extents; i++) {
- auto xt = &(fiemap->fm_extents[i]);
- LOG(DEBUG) << "Extent " << i << " at " << xt->fe_physical << " length " << xt->fe_length;
- if (lseek64(haystack_fd.get(), xt->fe_physical, SEEK_SET) == -1) {
- PLOG(ERROR) << "Failed lseek";
- return false;
- }
- auto toread = xt->fe_length;
- while (toread > 0) {
- char buf[BUFSIZ];
- size_t wlen =
- static_cast<size_t>(std::min(static_cast<typeof(toread)>(sizeof(buf)), toread));
- auto l = read(haystack_fd.get(), buf, wlen);
- if (l < 1) {
- PLOG(ERROR) << "Failed read";
- if (errno != EINTR) {
- return false;
- }
- }
- area.append(buf, l);
- toread -= l;
- }
- }
-
- LOG(DEBUG) << "Searching " << area.size() << " bytes of " << needle;
- LOG(DEBUG) << "First position of blob: " << area.find(randomhex);
- return true;
-}
-
-int CheckEncryption(const std::string& path) {
- auto deNeedle(path);
- deNeedle += "/misc";
- if (android::vold::PrepareDir(deNeedle, 01771, AID_SYSTEM, AID_MISC)) {
- return -1;
- }
- deNeedle += "/vold";
- if (android::vold::PrepareDir(deNeedle, 0700, AID_ROOT, AID_ROOT)) {
- return -1;
- }
- deNeedle += "/checkEncryption";
-
- auto neNeedle(path);
- neNeedle += "/unencrypted/checkEncryption";
-
- check_file(deNeedle);
- check_file(neNeedle);
-
- return 0;
-}
-
-} // namespace vold
-} // namespace android
diff --git a/CheckEncryption.h b/CheckEncryption.h
deleted file mode 100644
index 158d886..0000000
--- a/CheckEncryption.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef ANDROID_VOLD_CHECK_ENCRYPTION_H
-#define ANDROID_VOLD_CHECK_ENCRYPTION_H
-
-#include <string>
-
-namespace android {
-namespace vold {
-
-/* Check encryption of private volume mounted at the given path */
-int CheckEncryption(const std::string& path);
-
-} // namespace vold
-} // namespace android
-
-#endif
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index be8e67c..e345d2f 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -19,7 +19,6 @@
#include "VoldNativeService.h"
#include "Benchmark.h"
-#include "CheckEncryption.h"
#include "Checkpoint.h"
#include "FsCrypt.h"
#include "IdleMaint.h"
@@ -340,17 +339,6 @@
return Ok();
}
-binder::Status VoldNativeService::checkEncryption(const std::string& volId) {
- ENFORCE_SYSTEM_OR_ROOT;
- CHECK_ARGUMENT_ID(volId);
- ACQUIRE_LOCK;
-
- std::string path;
- auto status = pathForVolId(volId, &path);
- if (!status.isOk()) return status;
- return translate(android::vold::CheckEncryption(path));
-}
-
binder::Status VoldNativeService::moveStorage(
const std::string& fromVolId, const std::string& toVolId,
const android::sp<android::os::IVoldTaskListener>& listener) {
diff --git a/VoldNativeService.h b/VoldNativeService.h
index 7065b04..7ee093d 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -57,7 +57,6 @@
binder::Status format(const std::string& volId, const std::string& fsType);
binder::Status benchmark(const std::string& volId,
const android::sp<android::os::IVoldTaskListener>& listener);
- binder::Status checkEncryption(const std::string& volId);
binder::Status moveStorage(const std::string& fromVolId, const std::string& toVolId,
const android::sp<android::os::IVoldTaskListener>& listener);
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index 12c00e4..cde6952 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -45,7 +45,6 @@
void unmount(@utf8InCpp String volId);
void format(@utf8InCpp String volId, @utf8InCpp String fsType);
void benchmark(@utf8InCpp String volId, IVoldTaskListener listener);
- void checkEncryption(@utf8InCpp String volId);
void moveStorage(@utf8InCpp String fromVolId, @utf8InCpp String toVolId,
IVoldTaskListener listener);
diff --git a/vdc.cpp b/vdc.cpp
index a6a3fb0..a0efe78 100644
--- a/vdc.cpp
+++ b/vdc.cpp
@@ -103,8 +103,6 @@
checkStatus(args, vold->shutdown());
} else if (args[0] == "volume" && args[1] == "reset") {
checkStatus(args, vold->reset());
- } else if (args[0] == "cryptfs" && args[1] == "checkEncryption" && args.size() == 3) {
- checkStatus(args, vold->checkEncryption(args[2]));
} else if (args[0] == "cryptfs" && args[1] == "mountFstab" && args.size() == 4) {
checkStatus(args, vold->mountFstab(args[2], args[3]));
} else if (args[0] == "cryptfs" && args[1] == "encryptFstab" && args.size() == 4) {