Blame - EncryptInplace.cpp - SHIFTPHONES/android_system_vold

blob: 438f9596cbf953834575bd04ae4af7717ea4a975 [file] [log] [blame]

Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	1	/*
				2	* Copyright (C) 2016 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
				17	#include "EncryptInplace.h"
				18
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	19	#include <ext4_utils/ext4.h>
				20	#include <ext4_utils/ext4_utils.h>
				21	#include <f2fs_sparseblock.h>
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	22	#include <fcntl.h>
				23	#include <inttypes.h>
				24	#include <stdint.h>
				25	#include <stdio.h>
				26	#include <sys/stat.h>
				27	#include <sys/types.h>
				28	#include <time.h>
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	29
				30	#include <algorithm>
				31
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	32	#include <android-base/logging.h>
				33	#include <android-base/properties.h>
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	34
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	35	// FIXME horrible cut-and-paste code
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	36	static inline int unix_read(int fd, void* buff, int len) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	37	return TEMP_FAILURE_RETRY(read(fd, buff, len));
				38	}
				39
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	40	static inline int unix_write(int fd, const void* buff, int len) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	41	return TEMP_FAILURE_RETRY(write(fd, buff, len));
				42	}
				43
				44	#define CRYPT_SECTORS_PER_BUFSIZE (CRYPT_INPLACE_BUFSIZE / CRYPT_SECTOR_SIZE)
				45
				46	/* aligned 32K writes tends to make flash happy.
				47	* SD card association recommends it.
				48	*/
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	49	#define BLOCKS_AT_A_TIME 8
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	50
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	51	struct encryptGroupsData {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	52	int realfd;
				53	int cryptofd;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	54	off64_t one_pct, cur_pct, new_pct;
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	55	off64_t blocks_already_done;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	56	off64_t used_blocks_already_done, tot_used_blocks;
Paul Lawrence	236e5e8	2019-06-25 14:44:33 -0700	[diff] [blame]	57	const char* real_blkdev;
				58	const char* crypto_blkdev;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	59	int count;
				60	off64_t offset;
				61	char* buffer;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	62	time_t time_started;
				63	int remaining_time;
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	64	bool set_progress_properties;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	65	};
				66
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	67	static void update_progress(struct encryptGroupsData* data, int is_used) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	68	data->blocks_already_done++;
				69
				70	if (is_used) {
				71	data->used_blocks_already_done++;
				72	}
				73	if (data->tot_used_blocks) {
				74	data->new_pct = data->used_blocks_already_done / data->one_pct;
				75	} else {
				76	data->new_pct = data->blocks_already_done / data->one_pct;
				77	}
				78
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	79	if (!data->set_progress_properties) return;
				80
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	81	if (data->new_pct > data->cur_pct) {
				82	char buf[8];
				83	data->cur_pct = data->new_pct;
				84	snprintf(buf, sizeof(buf), "%" PRId64, data->cur_pct);
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	85	android::base::SetProperty("vold.encrypt_progress", buf);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	86	}
				87
				88	if (data->cur_pct >= 5) {
				89	struct timespec time_now;
				90	if (clock_gettime(CLOCK_MONOTONIC, &time_now)) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	91	LOG(WARNING) << "Error getting time";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	92	} else {
				93	double elapsed_time = difftime(time_now.tv_sec, data->time_started);
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	94	off64_t remaining_blocks = data->tot_used_blocks - data->used_blocks_already_done;
				95	int remaining_time =
				96	(int)(elapsed_time * remaining_blocks / data->used_blocks_already_done);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	97
				98	// Change time only if not yet set, lower, or a lot higher for
				99	// best user experience
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	100	if (data->remaining_time == -1 \|\| remaining_time < data->remaining_time \|\|
				101	remaining_time > data->remaining_time + 60) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	102	char buf[8];
				103	snprintf(buf, sizeof(buf), "%d", remaining_time);
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	104	android::base::SetProperty("vold.encrypt_time_remaining", buf);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	105	data->remaining_time = remaining_time;
				106	}
				107	}
				108	}
				109	}
				110
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	111	static void log_progress(struct encryptGroupsData const* data, bool completed) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	112	// Precondition - if completed data = 0 else data != 0
				113
				114	// Track progress so we can skip logging blocks
				115	static off64_t offset = -1;
				116
				117	// Need to close existing 'Encrypting from' log?
				118	if (completed \|\| (offset != -1 && data->offset != offset)) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	119	LOG(INFO) << "Encrypted to sector " << offset / info.block_size * CRYPT_SECTOR_SIZE;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	120	offset = -1;
				121	}
				122
				123	// Need to start new 'Encrypting from' log?
				124	if (!completed && offset != data->offset) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	125	LOG(INFO) << "Encrypting from sector " << data->offset / info.block_size * CRYPT_SECTOR_SIZE;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	126	}
				127
				128	// Update offset
				129	if (!completed) {
				130	offset = data->offset + (off64_t)data->count * info.block_size;
				131	}
				132	}
				133
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	134	static int flush_outstanding_data(struct encryptGroupsData* data) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	135	if (data->count == 0) {
				136	return 0;
				137	}
				138
Sudheer Shanka	4b6ca4e	2018-09-21 10:54:54 -0700	[diff] [blame]	139	LOG(DEBUG) << "Copying " << data->count << " blocks at offset " << data->offset;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	140
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	141	if (pread64(data->realfd, data->buffer, info.block_size * data->count, data->offset) <= 0) {
				142	LOG(ERROR) << "Error reading real_blkdev " << data->real_blkdev << " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	143	return -1;
				144	}
				145
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	146	if (pwrite64(data->cryptofd, data->buffer, info.block_size * data->count, data->offset) <= 0) {
				147	LOG(ERROR) << "Error writing crypto_blkdev " << data->crypto_blkdev
				148	<< " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	149	return -1;
				150	} else {
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	151	log_progress(data, false);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	152	}
				153
				154	data->count = 0;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	155	return 0;
				156	}
				157
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	158	static int encrypt_groups(struct encryptGroupsData* data) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	159	unsigned int i;
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	160	u8* block_bitmap = 0;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	161	unsigned int block;
				162	off64_t ret;
				163	int rc = -1;
				164
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	165	data->buffer = (char)malloc(info.block_size BLOCKS_AT_A_TIME);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	166	if (!data->buffer) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	167	LOG(ERROR) << "Failed to allocate crypto buffer";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	168	goto errout;
				169	}
				170
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	171	block_bitmap = (u8*)malloc(info.block_size);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	172	if (!block_bitmap) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	173	LOG(ERROR) << "failed to allocate block bitmap";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	174	goto errout;
				175	}
				176
				177	for (i = 0; i < aux_info.groups; ++i) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	178	LOG(INFO) << "Encrypting group " << i;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	179
				180	u32 first_block = aux_info.first_data_block + i * info.blocks_per_group;
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	181	u32 block_count = std::min(info.blocks_per_group, (u32)(aux_info.len_blocks - first_block));
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	182
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	183	off64_t offset = (u64)info.block_size * aux_info.bg_desc[i].bg_block_bitmap;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	184
				185	ret = pread64(data->realfd, block_bitmap, info.block_size, offset);
				186	if (ret != (int)info.block_size) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	187	LOG(ERROR) << "failed to read all of block group bitmap " << i;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	188	goto errout;
				189	}
				190
				191	offset = (u64)info.block_size * first_block;
				192
				193	data->count = 0;
				194
				195	for (block = 0; block < block_count; block++) {
Will Shiu	4ac43f0	2020-07-29 17:03:17 +0800	[diff] [blame]	196	int used;
				197
				198	if (aux_info.bg_desc[i].bg_flags & EXT4_BG_BLOCK_UNINIT) {
				199	// In block groups with an uninitialized block bitmap, we only
				200	// need to encrypt the backup superblock (if one is present).
				201	used = (ext4_bg_has_super_block(i) && block < 1 + aux_info.bg_desc_blocks);
				202	} else {
				203	used = bitmap_get_bit(block_bitmap, block);
				204	}
				205
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	206	update_progress(data, used);
				207	if (used) {
				208	if (data->count == 0) {
				209	data->offset = offset;
				210	}
				211	data->count++;
				212	} else {
				213	if (flush_outstanding_data(data)) {
				214	goto errout;
				215	}
				216	}
				217
				218	offset += info.block_size;
				219
				220	/* Write data if we are aligned or buffer size reached */
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	221	if (offset % (info.block_size * BLOCKS_AT_A_TIME) == 0 \|\|
				222	data->count == BLOCKS_AT_A_TIME) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	223	if (flush_outstanding_data(data)) {
				224	goto errout;
				225	}
				226	}
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	227	}
				228	if (flush_outstanding_data(data)) {
				229	goto errout;
				230	}
				231	}
				232
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	233	rc = 0;
				234
				235	errout:
				236	log_progress(0, true);
				237	free(data->buffer);
				238	free(block_bitmap);
				239	return rc;
				240	}
				241
Paul Lawrence	236e5e8	2019-06-25 14:44:33 -0700	[diff] [blame]	242	static int cryptfs_enable_inplace_ext4(const char* crypto_blkdev, const char* real_blkdev,
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	243	off64_t size, bool set_progress_properties) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	244	u32 i;
				245	struct encryptGroupsData data;
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	246	int rc; // Can't initialize without causing warning -Wclobbered
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	247	int retries = RETRY_MOUNT_ATTEMPTS;
				248	struct timespec time_started = {0};
				249
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	250	memset(&data, 0, sizeof(data));
				251	data.real_blkdev = real_blkdev;
				252	data.crypto_blkdev = crypto_blkdev;
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	253	data.set_progress_properties = set_progress_properties;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	254
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	255	LOG(DEBUG) << "Opening" << real_blkdev;
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	256	if ((data.realfd = open(real_blkdev, O_RDWR \| O_CLOEXEC)) < 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	257	PLOG(ERROR) << "Error opening real_blkdev " << real_blkdev << " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	258	rc = -1;
				259	goto errout;
				260	}
				261
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	262	LOG(DEBUG) << "Opening" << crypto_blkdev;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	263	// Wait until the block device appears. Re-use the mount retry values since it is reasonable.
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	264	while ((data.cryptofd = open(crypto_blkdev, O_WRONLY \| O_CLOEXEC)) < 0) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	265	if (--retries) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	266	PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
				267	<< " for ext4 inplace encrypt, retrying";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	268	sleep(RETRY_MOUNT_DELAY_SECONDS);
				269	} else {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	270	PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
				271	<< " for ext4 inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	272	rc = ENABLE_INPLACE_ERR_DEV;
				273	goto errout;
				274	}
				275	}
				276
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	277	if (setjmp(setjmp_env)) { // NOLINT
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	278	LOG(ERROR) << "Reading ext4 extent caused an exception";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	279	rc = -1;
				280	goto errout;
				281	}
				282
				283	if (read_ext(data.realfd, 0) != 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	284	LOG(ERROR) << "Failed to read ext4 extent";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	285	rc = -1;
				286	goto errout;
				287	}
				288
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	289	data.blocks_already_done = 0;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	290
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	291	LOG(INFO) << "Encrypting ext4 filesystem in place...";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	292
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	293	data.tot_used_blocks = size / CRYPT_SECTORS_PER_BUFSIZE;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	294	for (i = 0; i < aux_info.groups; ++i) {
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	295	data.tot_used_blocks -= aux_info.bg_desc[i].bg_free_blocks_count;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	296	}
				297
				298	data.one_pct = data.tot_used_blocks / 100;
				299	data.cur_pct = 0;
				300
				301	if (clock_gettime(CLOCK_MONOTONIC, &time_started)) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	302	LOG(WARNING) << "Error getting time at start";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	303	// Note - continue anyway - we'll run with 0
				304	}
				305	data.time_started = time_started.tv_sec;
				306	data.remaining_time = -1;
				307
				308	rc = encrypt_groups(&data);
				309	if (rc) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	310	LOG(ERROR) << "Error encrypting groups";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	311	goto errout;
				312	}
				313
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	314	rc = 0;
				315
				316	errout:
				317	close(data.realfd);
				318	close(data.cryptofd);
				319
				320	return rc;
				321	}
				322
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	323	static void log_progress_f2fs(u64 block, bool completed) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	324	// Precondition - if completed data = 0 else data != 0
				325
				326	// Track progress so we can skip logging blocks
				327	static u64 last_block = (u64)-1;
				328
				329	// Need to close existing 'Encrypting from' log?
				330	if (completed \|\| (last_block != (u64)-1 && block != last_block + 1)) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	331	LOG(INFO) << "Encrypted to block " << last_block;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	332	last_block = -1;
				333	}
				334
				335	// Need to start new 'Encrypting from' log?
				336	if (!completed && (last_block == (u64)-1 \|\| block != last_block + 1)) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	337	LOG(INFO) << "Encrypting from block " << block;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	338	}
				339
				340	// Update offset
				341	if (!completed) {
				342	last_block = block;
				343	}
				344	}
				345
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	346	static int encrypt_one_block_f2fs(u64 pos, void* data) {
				347	struct encryptGroupsData* priv_dat = (struct encryptGroupsData*)data;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	348
				349	priv_dat->blocks_already_done = pos - 1;
				350	update_progress(priv_dat, 1);
				351
				352	off64_t offset = pos * CRYPT_INPLACE_BUFSIZE;
				353
				354	if (pread64(priv_dat->realfd, priv_dat->buffer, CRYPT_INPLACE_BUFSIZE, offset) <= 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	355	LOG(ERROR) << "Error reading real_blkdev " << priv_dat->crypto_blkdev
				356	<< " for f2fs inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	357	return -1;
				358	}
				359
				360	if (pwrite64(priv_dat->cryptofd, priv_dat->buffer, CRYPT_INPLACE_BUFSIZE, offset) <= 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	361	LOG(ERROR) << "Error writing crypto_blkdev " << priv_dat->crypto_blkdev
				362	<< " for f2fs inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	363	return -1;
				364	} else {
				365	log_progress_f2fs(pos, false);
				366	}
				367
				368	return 0;
				369	}
				370
Paul Lawrence	236e5e8	2019-06-25 14:44:33 -0700	[diff] [blame]	371	static int cryptfs_enable_inplace_f2fs(const char* crypto_blkdev, const char* real_blkdev,
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	372	off64_t size, bool set_progress_properties) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	373	struct encryptGroupsData data;
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	374	struct f2fs_info* f2fs_info = NULL;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	375	int rc = ENABLE_INPLACE_ERR_OTHER;
Denis Hsu	1740eff	2019-12-26 16:06:37 +0800	[diff] [blame]	376	struct timespec time_started = {0};
				377
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	378	memset(&data, 0, sizeof(data));
				379	data.real_blkdev = real_blkdev;
				380	data.crypto_blkdev = crypto_blkdev;
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	381	data.set_progress_properties = set_progress_properties;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	382	data.realfd = -1;
				383	data.cryptofd = -1;
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	384	if ((data.realfd = open64(real_blkdev, O_RDWR \| O_CLOEXEC)) < 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	385	PLOG(ERROR) << "Error opening real_blkdev " << real_blkdev << " for f2fs inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	386	goto errout;
				387	}
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	388	if ((data.cryptofd = open64(crypto_blkdev, O_WRONLY \| O_CLOEXEC)) < 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	389	PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
				390	<< " for f2fs inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	391	rc = ENABLE_INPLACE_ERR_DEV;
				392	goto errout;
				393	}
				394
				395	f2fs_info = generate_f2fs_info(data.realfd);
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	396	if (!f2fs_info) goto errout;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	397
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	398	data.blocks_already_done = 0;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	399
				400	data.tot_used_blocks = get_num_blocks_used(f2fs_info);
				401
				402	data.one_pct = data.tot_used_blocks / 100;
				403	data.cur_pct = 0;
Denis Hsu	1740eff	2019-12-26 16:06:37 +0800	[diff] [blame]	404	if (clock_gettime(CLOCK_MONOTONIC, &time_started)) {
				405	LOG(WARNING) << "Error getting time at start";
				406	// Note - continue anyway - we'll run with 0
				407	}
				408	data.time_started = time_started.tv_sec;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	409	data.remaining_time = -1;
				410
Denis Hsu	1740eff	2019-12-26 16:06:37 +0800	[diff] [blame]	411
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	412	data.buffer = (char*)malloc(f2fs_info->block_size);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	413	if (!data.buffer) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	414	LOG(ERROR) << "Failed to allocate crypto buffer";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	415	goto errout;
				416	}
				417
				418	data.count = 0;
				419
				420	/* Currently, this either runs to completion, or hits a nonrecoverable error */
				421	rc = run_on_used_blocks(data.blocks_already_done, f2fs_info, &encrypt_one_block_f2fs, &data);
				422
				423	if (rc) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	424	LOG(ERROR) << "Error in running over f2fs blocks";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	425	rc = ENABLE_INPLACE_ERR_OTHER;
				426	goto errout;
				427	}
				428
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	429	rc = 0;
				430
				431	errout:
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	432	if (rc) LOG(ERROR) << "Failed to encrypt f2fs filesystem on " << real_blkdev;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	433
				434	log_progress_f2fs(0, true);
				435	free(f2fs_info);
				436	free(data.buffer);
				437	close(data.realfd);
				438	close(data.cryptofd);
				439
				440	return rc;
				441	}
				442
Paul Lawrence	236e5e8	2019-06-25 14:44:33 -0700	[diff] [blame]	443	static int cryptfs_enable_inplace_full(const char* crypto_blkdev, const char* real_blkdev,
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	444	off64_t size, bool set_progress_properties) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	445	int realfd, cryptofd;
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	446	char* buf[CRYPT_INPLACE_BUFSIZE];
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	447	int rc = ENABLE_INPLACE_ERR_OTHER;
				448	off64_t numblocks, i, remainder;
				449	off64_t one_pct, cur_pct, new_pct;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	450
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	451	if ((realfd = open(real_blkdev, O_RDONLY \| O_CLOEXEC)) < 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	452	PLOG(ERROR) << "Error opening real_blkdev " << real_blkdev << " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	453	return ENABLE_INPLACE_ERR_OTHER;
				454	}
				455
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	456	if ((cryptofd = open(crypto_blkdev, O_WRONLY \| O_CLOEXEC)) < 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	457	PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev << " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	458	close(realfd);
				459	return ENABLE_INPLACE_ERR_DEV;
				460	}
				461
				462	/* This is pretty much a simple loop of reading 4K, and writing 4K.
				463	* The size passed in is the number of 512 byte sectors in the filesystem.
				464	* So compute the number of whole 4K blocks we should read/write,
				465	* and the remainder.
				466	*/
				467	numblocks = size / CRYPT_SECTORS_PER_BUFSIZE;
				468	remainder = size % CRYPT_SECTORS_PER_BUFSIZE;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	469
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	470	LOG(ERROR) << "Encrypting filesystem in place...";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	471
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	472	one_pct = numblocks / 100;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	473	cur_pct = 0;
				474	/* process the majority of the filesystem in blocks */
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	475	for (i = 0; i < numblocks; i++) {
				476	new_pct = i / one_pct;
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	477	if (set_progress_properties && new_pct > cur_pct) {
Greg Kaiser	e0691cc	2018-12-18 12:34:07 -0800	[diff] [blame]	478	char property_buf[8];
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	479
				480	cur_pct = new_pct;
Greg Kaiser	e0691cc	2018-12-18 12:34:07 -0800	[diff] [blame]	481	snprintf(property_buf, sizeof(property_buf), "%" PRId64, cur_pct);
				482	android::base::SetProperty("vold.encrypt_progress", property_buf);
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	483	}
				484	if (unix_read(realfd, buf, CRYPT_INPLACE_BUFSIZE) <= 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	485	PLOG(ERROR) << "Error reading real_blkdev " << real_blkdev << " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	486	goto errout;
				487	}
				488	if (unix_write(cryptofd, buf, CRYPT_INPLACE_BUFSIZE) <= 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	489	PLOG(ERROR) << "Error writing crypto_blkdev " << crypto_blkdev << " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	490	goto errout;
				491	} else {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	492	LOG(DEBUG) << "Encrypted " << CRYPT_SECTORS_PER_BUFSIZE << " block at "
				493	<< i * CRYPT_SECTORS_PER_BUFSIZE;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	494	}
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	495	}
				496
				497	/* Do any remaining sectors */
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	498	for (i = 0; i < remainder; i++) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	499	if (unix_read(realfd, buf, CRYPT_SECTOR_SIZE) <= 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	500	LOG(ERROR) << "Error reading final sectors from real_blkdev " << real_blkdev
				501	<< " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	502	goto errout;
				503	}
				504	if (unix_write(cryptofd, buf, CRYPT_SECTOR_SIZE) <= 0) {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	505	LOG(ERROR) << "Error writing final sectors to crypto_blkdev " << crypto_blkdev
				506	<< " for inplace encrypt";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	507	goto errout;
				508	} else {
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	509	LOG(INFO) << "Encrypted 1 block at next location";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	510	}
				511	}
				512
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	513	rc = 0;
				514
				515	errout:
				516	close(realfd);
				517	close(cryptofd);
				518
				519	return rc;
				520	}
				521
				522	/* returns on of the ENABLE_INPLACE_* return codes */
Paul Lawrence	236e5e8	2019-06-25 14:44:33 -0700	[diff] [blame]	523	int cryptfs_enable_inplace(const char* crypto_blkdev, const char* real_blkdev, off64_t size,
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	524	bool set_progress_properties) {
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	525	int rc_ext4, rc_f2fs, rc_full;
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	526	LOG(DEBUG) << "cryptfs_enable_inplace(" << crypto_blkdev << ", " << real_blkdev << ", " << size
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	527	<< ", " << set_progress_properties << ")";
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	528
				529	/* TODO: identify filesystem type.
				530	* As is, cryptfs_enable_inplace_ext4 will fail on an f2fs partition, and
				531	* then we will drop down to cryptfs_enable_inplace_f2fs.
				532	* */
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	533	if ((rc_ext4 = cryptfs_enable_inplace_ext4(crypto_blkdev, real_blkdev, size,
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	534	set_progress_properties)) == 0) {
				535	LOG(DEBUG) << "cryptfs_enable_inplace_ext4 success";
				536	return 0;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	537	}
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	538	LOG(DEBUG) << "cryptfs_enable_inplace_ext4()=" << rc_ext4;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	539
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	540	if ((rc_f2fs = cryptfs_enable_inplace_f2fs(crypto_blkdev, real_blkdev, size,
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	541	set_progress_properties)) == 0) {
				542	LOG(DEBUG) << "cryptfs_enable_inplace_f2fs success";
				543	return 0;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	544	}
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	545	LOG(DEBUG) << "cryptfs_enable_inplace_f2fs()=" << rc_f2fs;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	546
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	547	rc_full =
Eric Biggers	c01995e	2020-11-03 14:11:00 -0800	[diff] [blame]	548	cryptfs_enable_inplace_full(crypto_blkdev, real_blkdev, size, set_progress_properties);
Paul Crowley	772cc85	2018-02-01 09:53:27 -0800	[diff] [blame]	549	LOG(DEBUG) << "cryptfs_enable_inplace_full()=" << rc_full;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	550
				551	/* Hack for b/17898962, the following is the symptom... */
Paul Crowley	14c8c07	2018-09-18 13:30:21 -0700	[diff] [blame]	552	if (rc_ext4 == ENABLE_INPLACE_ERR_DEV && rc_f2fs == ENABLE_INPLACE_ERR_DEV &&
				553	rc_full == ENABLE_INPLACE_ERR_DEV) {
Paul Crowley	0fd2626	2018-01-30 09:48:19 -0800	[diff] [blame]	554	LOG(DEBUG) << "ENABLE_INPLACE_ERR_DEV";
				555	return ENABLE_INPLACE_ERR_DEV;
Paul Crowley	f71ace3	2016-06-02 11:01:19 -0700	[diff] [blame]	556	}
				557	return rc_full;
				558	}