Blame - Ext4Crypt.cpp - SHIFTPHONES/android_system_vold

blob: 8b664ac6a16540fac45961749a7a1a6ccb759e10 [file] [log] [blame]

Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	1	/*
				2	* Copyright (C) 2015 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	17	#include "Ext4Crypt.h"
				18
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	19	#include "KeyStorage.h"
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	20	#include "Utils.h"
				21
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	22	#include <iomanip>
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	23	#include <map>
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	24	#include <set>
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	25	#include <sstream>
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	26	#include <string>
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	27
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	28	#include <dirent.h>
				29	#include <errno.h>
				30	#include <fcntl.h>
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	31	#include <openssl/sha.h>
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	32	#include <selinux/android.h>
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	33	#include <stdio.h>
				34	#include <sys/mount.h>
				35	#include <sys/stat.h>
				36	#include <sys/types.h>
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	37
Paul Crowley	480fcd2	2015-08-24 14:53:28 +0100	[diff] [blame]	38	#include <private/android_filesystem_config.h>
				39
Paul Lawrence	01f1bc7	2016-05-05 11:02:07 -0700	[diff] [blame]	40	#include <fs_mgr.h>
				41
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	42	#include "cryptfs.h"
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	43	#include "ext4_crypt.h"
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	44	#include "key_control.h"
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	45
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	46	#define EMULATED_USES_SELINUX 0
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	47	#define MANAGE_MISC_DIRS 0
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	48
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	49	#include <cutils/fs.h>
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	50
Elliott Hughes	7e128fb	2015-12-04 15:50:53 -0800	[diff] [blame]	51	#include <android-base/file.h>
Elliott Hughes	6bf0547	2015-12-04 17:55:33 -0800	[diff] [blame]	52	#include <android-base/logging.h>
Elliott Hughes	7e128fb	2015-12-04 15:50:53 -0800	[diff] [blame]	53	#include <android-base/stringprintf.h>
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	54
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	55	using android::base::StringPrintf;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	56	using android::vold::kEmptyAuthentication;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	57
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	58	// NOTE: keep in sync with StorageManager
				59	static constexpr int FLAG_STORAGE_DE = 1 << 0;
				60	static constexpr int FLAG_STORAGE_CE = 1 << 1;
				61
Paul Lawrence	01f1bc7	2016-05-05 11:02:07 -0700	[diff] [blame]	62	// Vile hack to get fstab entries for file encryption type
				63	extern struct fstab *fstab;
				64
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	65	namespace {
Paul Crowley	4d2d524	2016-04-27 10:25:12 -0700	[diff] [blame]	66	const std::string device_key_dir = std::string() + DATA_MNT_POINT + e4crypt_unencrypted_folder;
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	67	const std::string device_key_path = device_key_dir + "/key";
				68	const std::string device_key_temp = device_key_dir + "/temp";
Paul Lawrence	5a06a64	2016-02-03 13:39:13 -0800	[diff] [blame]	69
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	70	const std::string user_key_dir = std::string() + DATA_MNT_POINT + "/misc/vold/user_keys";
				71	const std::string user_key_temp = user_key_dir + "/temp";
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	72
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	73	bool s_global_de_initialized = false;
Paul Lawrence	7b6b565	2016-02-02 11:14:59 -0800	[diff] [blame]	74
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	75	// Some users are ephemeral, don't try to wipe their keys from disk
				76	std::set<userid_t> s_ephemeral_users;
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	77
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	78	// Map user ids to key references
				79	std::map<userid_t, std::string> s_de_key_raw_refs;
				80	std::map<userid_t, std::string> s_ce_key_raw_refs;
				81	// TODO abolish this map. Keys should not be long-lived in user memory, only kernel memory.
				82	// See b/26948053
				83	std::map<userid_t, std::string> s_ce_keys;
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	84
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	85	// ext4enc:TODO get this const from somewhere good
				86	const int EXT4_KEY_DESCRIPTOR_SIZE = 8;
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	87
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	88	// ext4enc:TODO Include structure from somewhere sensible
				89	// MUST be in sync with ext4_crypto.c in kernel
				90	constexpr int EXT4_ENCRYPTION_MODE_AES_256_XTS = 1;
				91	constexpr int EXT4_AES_256_XTS_KEY_SIZE = 64;
				92	constexpr int EXT4_MAX_KEY_SIZE = 64;
				93	struct ext4_encryption_key {
				94	uint32_t mode;
				95	char raw[EXT4_MAX_KEY_SIZE];
				96	uint32_t size;
				97	};
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	98	}
				99
Paul Lawrence	01f1bc7	2016-05-05 11:02:07 -0700	[diff] [blame]	100	#define XATTR_NAME_ENCRYPTION_POLICY "encryption.policy"
				101	#define EXT4_KEYREF_DELIMITER ((char)'.')
				102
				103	// ext4enc:TODO Include structure from somewhere sensible
				104	// MUST be in sync with ext4_crypto.c in kernel
				105	#define EXT4_KEY_DESCRIPTOR_SIZE 8
				106	#define EXT4_KEY_DESCRIPTOR_SIZE_HEX 17
				107
				108	struct ext4_encryption_policy {
				109	char version;
				110	char contents_encryption_mode;
				111	char filenames_encryption_mode;
				112	char flags;
				113	char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
				114	} __attribute__((__packed__));
				115
				116	#define EXT4_ENCRYPTION_MODE_AES_256_XTS 1
				117	#define EXT4_ENCRYPTION_MODE_AES_256_CTS 4
				118	#define EXT4_ENCRYPTION_MODE_PRIVATE 127
				119
				120	// ext4enc:TODO Get value from somewhere sensible
				121	#define EXT4_IOC_SET_ENCRYPTION_POLICY _IOR('f', 19, struct ext4_encryption_policy)
				122	#define EXT4_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct ext4_encryption_policy)
				123
				124	#define HEX_LOOKUP "0123456789abcdef"
				125
				126	static void policy_to_hex(const char* policy, char* hex) {
				127	for (size_t i = 0, j = 0; i < EXT4_KEY_DESCRIPTOR_SIZE; i++) {
				128	hex[j++] = HEX_LOOKUP[(policy[i] & 0xF0) >> 4];
				129	hex[j++] = HEX_LOOKUP[policy[i] & 0x0F];
				130	}
				131	hex[EXT4_KEY_DESCRIPTOR_SIZE_HEX - 1] = '\0';
				132	}
				133
				134	static bool is_dir_empty(const char dirname, bool is_empty)
				135	{
				136	int n = 0;
				137	auto dirp = std::unique_ptr<DIR, int ()(DIR)>(opendir(dirname), closedir);
				138	if (!dirp) {
				139	PLOG(ERROR) << "Unable to read directory: " << dirname;
				140	return false;
				141	}
				142	for (;;) {
				143	errno = 0;
				144	auto entry = readdir(dirp.get());
				145	if (!entry) {
				146	if (errno) {
				147	PLOG(ERROR) << "Unable to read directory: " << dirname;
				148	return false;
				149	}
				150	break;
				151	}
				152	if (strcmp(entry->d_name, "lost+found") != 0) { // Skip lost+found
				153	++n;
				154	if (n > 2) {
				155	*is_empty = false;
				156	return true;
				157	}
				158	}
				159	}
				160	*is_empty = true;
				161	return true;
				162	}
				163
				164	static bool e4crypt_policy_set(const char directory, const char policy,
				165	size_t policy_length, int contents_encryption_type) {
				166	if (policy_length != EXT4_KEY_DESCRIPTOR_SIZE) {
				167	LOG(ERROR) << "Policy wrong length: " << policy_length;
				168	return false;
				169	}
				170	int fd = open(directory, O_DIRECTORY \| O_NOFOLLOW \| O_CLOEXEC);
				171	if (fd == -1) {
				172	PLOG(ERROR) << "Failed to open directory " << directory;
				173	return false;
				174	}
				175
				176	ext4_encryption_policy eep;
				177	eep.version = 0;
				178	eep.contents_encryption_mode = contents_encryption_type;
				179	eep.filenames_encryption_mode = EXT4_ENCRYPTION_MODE_AES_256_CTS;
				180	eep.flags = 0;
				181	memcpy(eep.master_key_descriptor, policy, EXT4_KEY_DESCRIPTOR_SIZE);
				182	if (ioctl(fd, EXT4_IOC_SET_ENCRYPTION_POLICY, &eep)) {
				183	PLOG(ERROR) << "Failed to set encryption policy for " << directory;
				184	close(fd);
				185	return false;
				186	}
				187	close(fd);
				188
				189	char policy_hex[EXT4_KEY_DESCRIPTOR_SIZE_HEX];
				190	policy_to_hex(policy, policy_hex);
				191	LOG(INFO) << "Policy for " << directory << " set to " << policy_hex;
				192	return true;
				193	}
				194
				195	static bool e4crypt_policy_get(const char directory, char policy,
				196	size_t policy_length, int contents_encryption_type) {
				197	if (policy_length != EXT4_KEY_DESCRIPTOR_SIZE) {
				198	LOG(ERROR) << "Policy wrong length: " << policy_length;
				199	return false;
				200	}
				201
				202	int fd = open(directory, O_DIRECTORY \| O_NOFOLLOW \| O_CLOEXEC);
				203	if (fd == -1) {
				204	PLOG(ERROR) << "Failed to open directory " << directory;
				205	return false;
				206	}
				207
				208	ext4_encryption_policy eep;
				209	memset(&eep, 0, sizeof(ext4_encryption_policy));
				210	if (ioctl(fd, EXT4_IOC_GET_ENCRYPTION_POLICY, &eep) != 0) {
				211	PLOG(ERROR) << "Failed to get encryption policy for " << directory;
				212	close(fd);
				213	return -1;
				214	}
				215	close(fd);
				216
				217	if ((eep.version != 0)
				218	\|\| (eep.contents_encryption_mode != contents_encryption_type)
				219	\|\| (eep.filenames_encryption_mode != EXT4_ENCRYPTION_MODE_AES_256_CTS)
				220	\|\| (eep.flags != 0)) {
				221	LOG(ERROR) << "Failed to find matching encryption policy for " << directory;
				222	return false;
				223	}
				224	memcpy(policy, eep.master_key_descriptor, EXT4_KEY_DESCRIPTOR_SIZE);
				225
				226	return true;
				227	}
				228
				229	static bool e4crypt_policy_check(const char directory, const char policy,
				230	size_t policy_length, int contents_encryption_type) {
				231	if (policy_length != EXT4_KEY_DESCRIPTOR_SIZE) {
				232	LOG(ERROR) << "Policy wrong length: " << policy_length;
				233	return false;
				234	}
				235	char existing_policy[EXT4_KEY_DESCRIPTOR_SIZE];
				236	if (!e4crypt_policy_get(directory, existing_policy, EXT4_KEY_DESCRIPTOR_SIZE,
				237	contents_encryption_type)) {
				238	return false;
				239	}
				240	char existing_policy_hex[EXT4_KEY_DESCRIPTOR_SIZE_HEX];
				241
				242	policy_to_hex(existing_policy, existing_policy_hex);
				243
				244	if (memcmp(policy, existing_policy, EXT4_KEY_DESCRIPTOR_SIZE) != 0) {
				245	char policy_hex[EXT4_KEY_DESCRIPTOR_SIZE_HEX];
				246	policy_to_hex(policy, policy_hex);
				247	LOG(ERROR) << "Found policy " << existing_policy_hex << " at " << directory
				248	<< " which doesn't match expected value " << policy_hex;
				249	return false;
				250	}
				251	LOG(INFO) << "Found policy " << existing_policy_hex << " at " << directory
				252	<< " which matches expected value";
				253	return true;
				254	}
				255
				256	int e4crypt_policy_ensure(const char* directory, const char* policy, int policy_length)
				257	{
				258	static int contents_encryption_type = 0;
				259	if (contents_encryption_type == 0) {
				260	// Get file_encryption_type from fstab
				261	struct fstab_rec *rec = fs_mgr_get_entry_for_mount_point(fstab, "/data");
				262	if (rec == 0) {
				263	return -1;
				264	}
				265
				266	// Translate file_encryption_type to ext4 contents encryption type
				267	switch (rec->file_encryption_type)
				268	{
				269	case ET_SOFTWARE:
				270	contents_encryption_type = EXT4_ENCRYPTION_MODE_AES_256_XTS;
				271	break;
				272
				273	case ET_ICE:
				274	contents_encryption_type = EXT4_ENCRYPTION_MODE_PRIVATE;
				275	break;
				276
				277	default:
				278	return -1;
				279	}
				280	}
				281
				282	bool is_empty;
				283	if (!is_dir_empty(directory, &is_empty)) return -1;
				284	if (is_empty) {
				285	if (!e4crypt_policy_set(directory, policy, policy_length,
				286	contents_encryption_type)) {
				287	return -1;
				288	}
				289	} else {
				290	if (!e4crypt_policy_check(directory, policy, policy_length,
				291	contents_encryption_type)) {
				292	return -1;
				293	}
				294	}
				295	return 0;
				296	}
				297
				298	bool e4crypt_hex_policy_ensure(const char* dir, const char* hex_policy)
				299	{
				300	std::string hex = hex_policy;
				301	if (hex.substr(0, 2) != "0x") {
				302	return false;
				303	}
				304	std::string policy;
				305	if (android::vold::HexToStr(hex.substr(2), policy)) {
				306	return false;
				307	}
				308
				309	return e4crypt_policy_ensure(dir, policy.c_str(), policy.length()) == 0;
				310	}
				311
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	312	static bool e4crypt_is_emulated() {
				313	return property_get_bool("persist.sys.emulate_fbe", false);
				314	}
				315
				316	static const char* escape_null(const char* value) {
				317	return (value == nullptr) ? "null" : value;
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	318	}
				319
Paul Crowley	9336348	2015-07-07 15:17:22 +0100	[diff] [blame]	320	// Get raw keyref - used to make keyname and to pass to ioctl
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	321	static std::string generate_key_ref(const char* key, int length) {
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	322	SHA512_CTX c;
				323
				324	SHA512_Init(&c);
				325	SHA512_Update(&c, key, length);
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	326	unsigned char key_ref1[SHA512_DIGEST_LENGTH];
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	327	SHA512_Final(key_ref1, &c);
				328
				329	SHA512_Init(&c);
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	330	SHA512_Update(&c, key_ref1, SHA512_DIGEST_LENGTH);
				331	unsigned char key_ref2[SHA512_DIGEST_LENGTH];
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	332	SHA512_Final(key_ref2, &c);
				333
Paul Crowley	d9b9295	2016-03-04 13:45:00 -0800	[diff] [blame]	334	static_assert(EXT4_KEY_DESCRIPTOR_SIZE <= SHA512_DIGEST_LENGTH,
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	335	"Hash too short for descriptor");
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	336	return std::string((char*)key_ref2, EXT4_KEY_DESCRIPTOR_SIZE);
				337	}
				338
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	339	static bool fill_key(const std::string& key, ext4_encryption_key* ext4_key) {
Paul Crowley	2199069	2016-03-02 09:15:07 -0800	[diff] [blame]	340	if (key.size() != EXT4_AES_256_XTS_KEY_SIZE) {
				341	LOG(ERROR) << "Wrong size key " << key.size();
				342	return false;
				343	}
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	344	static_assert(EXT4_AES_256_XTS_KEY_SIZE <= sizeof(ext4_key->raw), "Key too long!");
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	345	ext4_key->mode = EXT4_ENCRYPTION_MODE_AES_256_XTS;
				346	ext4_key->size = key.size();
				347	memset(ext4_key->raw, 0, sizeof(ext4_key->raw));
				348	memcpy(ext4_key->raw, key.data(), key.size());
Paul Crowley	2199069	2016-03-02 09:15:07 -0800	[diff] [blame]	349	return true;
Paul Crowley	9336348	2015-07-07 15:17:22 +0100	[diff] [blame]	350	}
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	351
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	352	static std::string keyname(const std::string& raw_ref) {
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	353	std::ostringstream o;
Paul Crowley	9336348	2015-07-07 15:17:22 +0100	[diff] [blame]	354	o << "ext4:";
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	355	for (auto i : raw_ref) {
Paul Crowley	d9b9295	2016-03-04 13:45:00 -0800	[diff] [blame]	356	o << std::hex << std::setw(2) << std::setfill('0') << (int)i;
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	357	}
Paul Crowley	9336348	2015-07-07 15:17:22 +0100	[diff] [blame]	358	return o.str();
				359	}
Paul Lawrence	fd7db73	2015-04-10 07:48:51 -0700	[diff] [blame]	360
Paul Crowley	9336348	2015-07-07 15:17:22 +0100	[diff] [blame]	361	// Get the keyring we store all keys in
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	362	static bool e4crypt_keyring(key_serial_t* device_keyring) {
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	363	*device_keyring = keyctl_search(KEY_SPEC_SESSION_KEYRING, "keyring", "e4crypt", 0);
				364	if (*device_keyring == -1) {
Paul Crowley	d9b9295	2016-03-04 13:45:00 -0800	[diff] [blame]	365	PLOG(ERROR) << "Unable to find device keyring";
				366	return false;
				367	}
				368	return true;
Paul Crowley	9336348	2015-07-07 15:17:22 +0100	[diff] [blame]	369	}
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	370
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	371	// Install password into global keyring
				372	// Return raw key reference for use in policy
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	373	static bool install_key(const std::string& key, std::string* raw_ref) {
Paul Crowley	2199069	2016-03-02 09:15:07 -0800	[diff] [blame]	374	ext4_encryption_key ext4_key;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	375	if (!fill_key(key, &ext4_key)) return false;
				376	*raw_ref = generate_key_ref(ext4_key.raw, ext4_key.size);
				377	auto ref = keyname(*raw_ref);
Paul Crowley	d9b9295	2016-03-04 13:45:00 -0800	[diff] [blame]	378	key_serial_t device_keyring;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	379	if (!e4crypt_keyring(&device_keyring)) return false;
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	380	key_serial_t key_id =
				381	add_key("logon", ref.c_str(), (void*)&ext4_key, sizeof(ext4_key), device_keyring);
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	382	if (key_id == -1) {
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	383	PLOG(ERROR) << "Failed to insert key into keyring " << device_keyring;
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	384	return false;
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	385	}
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	386	LOG(DEBUG) << "Added key " << key_id << " (" << ref << ") to keyring " << device_keyring
				387	<< " in process " << getpid();
Paul Lawrence	85e3d8c	2016-04-26 12:50:53 -0700	[diff] [blame]	388
				389	// TODO Remove this code when kernel is fixed - see b/28373400
				390	// Kernel preserves caches across a key insertion with ext4ice, which leads
				391	// to contradictory dirents
				392	if (!android::base::WriteStringToFile("3", "/proc/sys/vm/drop_caches")) {
				393	PLOG(ERROR) << "Failed to drop_caches";
				394	}
				395
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	396	return true;
Paul Lawrence	731a7a2	2015-04-28 22:14:15 +0000	[diff] [blame]	397	}
				398
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	399	static std::string get_de_key_path(userid_t user_id) {
				400	return StringPrintf("%s/de/%d", user_key_dir.c_str(), user_id);
				401	}
				402
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	403	static std::string get_ce_key_path(userid_t user_id) {
				404	return StringPrintf("%s/ce/%d/current", user_key_dir.c_str(), user_id);
Paul Crowley	b33e887	2015-05-19 12:34:09 +0100	[diff] [blame]	405	}
				406
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	407	static bool read_and_install_user_ce_key(userid_t user_id,
				408	const android::vold::KeyAuthentication& auth) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	409	if (s_ce_key_raw_refs.count(user_id) != 0) return true;
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	410	const auto ce_key_path = get_ce_key_path(user_id);
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	411	std::string ce_key;
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	412	if (!android::vold::retrieveKey(ce_key_path, auth, &ce_key)) return false;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	413	std::string ce_raw_ref;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	414	if (!install_key(ce_key, &ce_raw_ref)) return false;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	415	s_ce_keys[user_id] = ce_key;
				416	s_ce_key_raw_refs[user_id] = ce_raw_ref;
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	417	LOG(DEBUG) << "Installed ce key for user " << user_id;
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	418	return true;
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	419	}
				420
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	421	static bool prepare_dir(const std::string& dir, mode_t mode, uid_t uid, gid_t gid) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	422	LOG(DEBUG) << "Preparing: " << dir;
Paul Crowley	13ffd8e	2016-01-27 14:30:22 +0000	[diff] [blame]	423	if (fs_prepare_dir(dir.c_str(), mode, uid, gid) != 0) {
				424	PLOG(ERROR) << "Failed to prepare " << dir;
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	425	return false;
				426	}
Paul Crowley	13ffd8e	2016-01-27 14:30:22 +0000	[diff] [blame]	427	return true;
				428	}
				429
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	430	static bool destroy_dir(const std::string& dir) {
				431	LOG(DEBUG) << "Destroying: " << dir;
				432	if (rmdir(dir.c_str()) != 0 && errno != ENOENT) {
				433	PLOG(ERROR) << "Failed to destroy " << dir;
				434	return false;
				435	}
				436	return true;
				437	}
				438
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	439	static bool random_key(std::string* key) {
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	440	if (android::vold::ReadRandomBytes(EXT4_AES_256_XTS_KEY_SIZE, *key) != 0) {
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	441	// TODO status_t plays badly with PLOG, fix it.
				442	LOG(ERROR) << "Random read failed";
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	443	return false;
				444	}
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	445	return true;
				446	}
				447
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	448	static bool path_exists(const std::string& path) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	449	return access(path.c_str(), F_OK) == 0;
				450	}
				451
				452	// NB this assumes that there is only one thread listening for crypt commands, because
				453	// it creates keys in a fixed location.
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	454	static bool store_key(const std::string& key_path, const std::string& tmp_path,
				455	const android::vold::KeyAuthentication& auth, const std::string& key) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	456	if (path_exists(key_path)) {
				457	LOG(ERROR) << "Already exists, cannot create key at: " << key_path;
				458	return false;
				459	}
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	460	if (path_exists(tmp_path)) {
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	461	android::vold::destroyKey(tmp_path); // May be partially created so ignore errors
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	462	}
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	463	if (!android::vold::storeKey(tmp_path, auth, key)) return false;
				464	if (rename(tmp_path.c_str(), key_path.c_str()) != 0) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	465	PLOG(ERROR) << "Unable to move new key to location: " << key_path;
				466	return false;
Paul Crowley	95376d6	2015-05-06 15:04:43 +0100	[diff] [blame]	467	}
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	468	LOG(DEBUG) << "Created key " << key_path;
Paul Crowley	95376d6	2015-05-06 15:04:43 +0100	[diff] [blame]	469	return true;
				470	}
				471
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	472	static bool create_and_install_user_keys(userid_t user_id, bool create_ephemeral) {
				473	std::string de_key, ce_key;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	474	if (!random_key(&de_key)) return false;
				475	if (!random_key(&ce_key)) return false;
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	476	if (create_ephemeral) {
				477	// If the key should be created as ephemeral, don't store it.
				478	s_ephemeral_users.insert(user_id);
				479	} else {
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	480	if (!store_key(get_de_key_path(user_id), user_key_temp,
				481	kEmptyAuthentication, de_key)) return false;
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	482	if (!prepare_dir(user_key_dir + "/ce/" + std::to_string(user_id),
				483	0700, AID_ROOT, AID_ROOT)) return false;
				484	if (!store_key(get_ce_key_path(user_id), user_key_temp,
				485	kEmptyAuthentication, ce_key)) return false;
Paul Crowley	95376d6	2015-05-06 15:04:43 +0100	[diff] [blame]	486	}
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	487	std::string de_raw_ref;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	488	if (!install_key(de_key, &de_raw_ref)) return false;
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	489	s_de_key_raw_refs[user_id] = de_raw_ref;
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	490	std::string ce_raw_ref;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	491	if (!install_key(ce_key, &ce_raw_ref)) return false;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	492	s_ce_keys[user_id] = ce_key;
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	493	s_ce_key_raw_refs[user_id] = ce_raw_ref;
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	494	LOG(DEBUG) << "Created keys for user " << user_id;
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	495	return true;
				496	}
				497
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	498	static bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, userid_t user_id,
				499	std::string* raw_ref) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	500	auto refi = key_map.find(user_id);
				501	if (refi == key_map.end()) {
				502	LOG(ERROR) << "Cannot find key for " << user_id;
				503	return false;
				504	}
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	505	*raw_ref = refi->second;
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	506	return true;
				507	}
				508
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	509	static bool ensure_policy(const std::string& raw_ref, const std::string& path) {
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	510	if (e4crypt_policy_ensure(path.c_str(), raw_ref.data(), raw_ref.size()) != 0) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	511	LOG(ERROR) << "Failed to set policy on: " << path;
				512	return false;
				513	}
				514	return true;
Paul Crowley	95376d6	2015-05-06 15:04:43 +0100	[diff] [blame]	515	}
Paul Crowley	b33e887	2015-05-19 12:34:09 +0100	[diff] [blame]	516
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	517	static bool is_numeric(const char* name) {
				518	for (const char* p = name; *p != '\0'; p++) {
				519	if (!isdigit(*p)) return false;
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	520	}
				521	return true;
				522	}
				523
				524	static bool load_all_de_keys() {
				525	auto de_dir = user_key_dir + "/de";
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	526	auto dirp = std::unique_ptr<DIR, int ()(DIR)>(opendir(de_dir.c_str()), closedir);
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	527	if (!dirp) {
				528	PLOG(ERROR) << "Unable to read de key directory";
				529	return false;
				530	}
				531	for (;;) {
				532	errno = 0;
				533	auto entry = readdir(dirp.get());
				534	if (!entry) {
				535	if (errno) {
				536	PLOG(ERROR) << "Unable to read de key directory";
				537	return false;
				538	}
				539	break;
				540	}
				541	if (entry->d_type != DT_DIR \|\| !is_numeric(entry->d_name)) {
				542	LOG(DEBUG) << "Skipping non-de-key " << entry->d_name;
				543	continue;
				544	}
				545	userid_t user_id = atoi(entry->d_name);
				546	if (s_de_key_raw_refs.count(user_id) == 0) {
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	547	auto key_path = de_dir + "/" + entry->d_name;
				548	std::string key;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	549	if (!android::vold::retrieveKey(key_path, kEmptyAuthentication, &key)) return false;
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	550	std::string raw_ref;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	551	if (!install_key(key, &raw_ref)) return false;
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	552	s_de_key_raw_refs[user_id] = raw_ref;
				553	LOG(DEBUG) << "Installed de key for user " << user_id;
				554	}
				555	}
				556	// ext4enc:TODO: go through all DE directories, ensure that all user dirs have the
				557	// correct policy set on them, and that no rogue ones exist.
				558	return true;
				559	}
				560
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	561	bool e4crypt_initialize_global_de() {
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	562	LOG(INFO) << "e4crypt_initialize_global_de";
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	563
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	564	if (s_global_de_initialized) {
				565	LOG(INFO) << "Already initialized";
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	566	return true;
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	567	}
				568
				569	std::string device_key;
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	570	if (path_exists(device_key_path)) {
				571	if (!android::vold::retrieveKey(device_key_path,
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	572	kEmptyAuthentication, &device_key)) return false;
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	573	} else {
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	574	LOG(INFO) << "Creating new key";
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	575	if (!random_key(&device_key)) return false;
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	576	if (!store_key(device_key_path, device_key_temp,
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	577	kEmptyAuthentication, device_key)) return false;
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	578	}
				579
				580	std::string device_key_ref;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	581	if (!install_key(device_key, &device_key_ref)) {
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	582	LOG(ERROR) << "Failed to install device key";
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	583	return false;
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	584	}
				585
Paul Lawrence	f10544d	2016-02-04 08:18:52 -0800	[diff] [blame]	586	std::string ref_filename = std::string("/data") + e4crypt_key_ref;
				587	if (!android::base::WriteStringToFile(device_key_ref, ref_filename)) {
				588	PLOG(ERROR) << "Cannot save key reference";
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	589	return false;
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	590	}
				591
Paul Crowley	38132a1	2016-02-09 09:50:32 +0000	[diff] [blame]	592	s_global_de_initialized = true;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	593	return true;
Paul Lawrence	aec34df	2016-02-03 10:52:41 -0800	[diff] [blame]	594	}
				595
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	596	bool e4crypt_init_user0() {
Paul Crowley	8fb12fd	2016-02-01 14:28:12 +0000	[diff] [blame]	597	LOG(DEBUG) << "e4crypt_init_user0";
				598	if (e4crypt_is_native()) {
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	599	if (!prepare_dir(user_key_dir, 0700, AID_ROOT, AID_ROOT)) return false;
				600	if (!prepare_dir(user_key_dir + "/ce", 0700, AID_ROOT, AID_ROOT)) return false;
				601	if (!prepare_dir(user_key_dir + "/de", 0700, AID_ROOT, AID_ROOT)) return false;
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	602	auto de_path = get_de_key_path(0);
				603	auto ce_path = get_ce_key_path(0);
				604	if (!path_exists(de_path) \|\| !path_exists(ce_path)) {
				605	if (path_exists(de_path)) {
				606	android::vold::destroyKey(de_path); // May be partially created so ignore errors
				607	}
				608	if (path_exists(ce_path)) {
				609	android::vold::destroyKey(ce_path); // May be partially created so ignore errors
				610	}
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	611	if (!create_and_install_user_keys(0, false)) return false;
Paul Crowley	8fb12fd	2016-02-01 14:28:12 +0000	[diff] [blame]	612	}
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	613	// TODO: switch to loading only DE_0 here once framework makes
				614	// explicit calls to install DE keys for secondary users
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	615	if (!load_all_de_keys()) return false;
Paul Crowley	8fb12fd	2016-02-01 14:28:12 +0000	[diff] [blame]	616	}
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	617	// We can only safely prepare DE storage here, since CE keys are probably
				618	// entangled with user credentials. The framework will always prepare CE
				619	// storage once CE keys are installed.
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	620	if (!e4crypt_prepare_user_storage(nullptr, 0, 0, FLAG_STORAGE_DE)) {
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	621	LOG(ERROR) << "Failed to prepare user 0 storage";
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	622	return false;
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	623	}
Jeff Sharkey	0754a45	2016-02-08 12:21:42 -0700	[diff] [blame]	624
				625	// If this is a non-FBE device that recently left an emulated mode,
				626	// restore user data directories to known-good state.
				627	if (!e4crypt_is_native() && !e4crypt_is_emulated()) {
Jeff Sharkey	695d928	2016-02-08 18:10:34 -0700	[diff] [blame]	628	e4crypt_unlock_user_key(0, 0, "!", "!");
Jeff Sharkey	0754a45	2016-02-08 12:21:42 -0700	[diff] [blame]	629	}
				630
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	631	return true;
Paul Crowley	8fb12fd	2016-02-01 14:28:12 +0000	[diff] [blame]	632	}
				633
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	634	bool e4crypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral) {
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	635	LOG(DEBUG) << "e4crypt_vold_create_user_key for " << user_id << " serial " << serial;
Paul Crowley	ea62e26	2016-01-28 12:23:53 +0000	[diff] [blame]	636	if (!e4crypt_is_native()) {
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	637	return true;
Paul Crowley	ea62e26	2016-01-28 12:23:53 +0000	[diff] [blame]	638	}
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	639	// FIXME test for existence of key that is not loaded yet
				640	if (s_ce_key_raw_refs.count(user_id) != 0) {
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	641	LOG(ERROR) << "Already exists, can't e4crypt_vold_create_user_key for " << user_id
				642	<< " serial " << serial;
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	643	// FIXME should we fail the command?
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	644	return true;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	645	}
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	646	if (!create_and_install_user_keys(user_id, ephemeral)) {
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	647	return false;
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	648	}
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	649	return true;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	650	}
				651
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	652	static bool evict_key(const std::string& raw_ref) {
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	653	auto ref = keyname(raw_ref);
Paul Crowley	d9b9295	2016-03-04 13:45:00 -0800	[diff] [blame]	654	key_serial_t device_keyring;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	655	if (!e4crypt_keyring(&device_keyring)) return false;
Paul Crowley	d9b9295	2016-03-04 13:45:00 -0800	[diff] [blame]	656	auto key_serial = keyctl_search(device_keyring, "logon", ref.c_str(), 0);
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	657	if (keyctl_revoke(key_serial) != 0) {
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	658	PLOG(ERROR) << "Failed to revoke key with serial " << key_serial << " ref " << ref;
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	659	return false;
Paul Crowley	9336348	2015-07-07 15:17:22 +0100	[diff] [blame]	660	}
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	661	LOG(DEBUG) << "Revoked key with serial " << key_serial << " ref " << ref;
				662	return true;
				663	}
				664
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	665	bool e4crypt_destroy_user_key(userid_t user_id) {
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	666	LOG(DEBUG) << "e4crypt_destroy_user_key(" << user_id << ")";
Paul Crowley	ea62e26	2016-01-28 12:23:53 +0000	[diff] [blame]	667	if (!e4crypt_is_native()) {
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	668	return true;
Paul Crowley	ea62e26	2016-01-28 12:23:53 +0000	[diff] [blame]	669	}
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	670	bool success = true;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	671	s_ce_keys.erase(user_id);
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	672	std::string raw_ref;
Paul Crowley	71ee662	2016-03-25 15:50:01 -0700	[diff] [blame]	673	// If we haven't loaded the CE key, no need to evict it.
				674	if (lookup_key_ref(s_ce_key_raw_refs, user_id, &raw_ref)) {
				675	success &= evict_key(raw_ref);
				676	}
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	677	s_ce_key_raw_refs.erase(user_id);
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	678	success &= lookup_key_ref(s_de_key_raw_refs, user_id, &raw_ref) && evict_key(raw_ref);
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	679	s_de_key_raw_refs.erase(user_id);
Paul Crowley	b1f3d24	2016-01-28 10:09:46 +0000	[diff] [blame]	680	auto it = s_ephemeral_users.find(user_id);
				681	if (it != s_ephemeral_users.end()) {
				682	s_ephemeral_users.erase(it);
Paul Crowley	1ef2558	2016-01-21 20:26:12 +0000	[diff] [blame]	683	} else {
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	684	success &= android::vold::destroyKey(get_ce_key_path(user_id));
Paul Crowley	b92f83c	2016-02-01 14:10:43 +0000	[diff] [blame]	685	success &= android::vold::destroyKey(get_de_key_path(user_id));
Lenka Trochtova	395039f	2015-11-25 10:13:03 +0100	[diff] [blame]	686	}
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	687	return success;
Paul Crowley	b33e887	2015-05-19 12:34:09 +0100	[diff] [blame]	688	}
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	689
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	690	static bool emulated_lock(const std::string& path) {
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	691	if (chmod(path.c_str(), 0000) != 0) {
				692	PLOG(ERROR) << "Failed to chmod " << path;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	693	return false;
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	694	}
				695	#if EMULATED_USES_SELINUX
				696	if (setfilecon(path.c_str(), "u:object_r:storage_stub_file:s0") != 0) {
				697	PLOG(WARNING) << "Failed to setfilecon " << path;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	698	return false;
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	699	}
				700	#endif
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	701	return true;
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	702	}
				703
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	704	static bool emulated_unlock(const std::string& path, mode_t mode) {
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	705	if (chmod(path.c_str(), mode) != 0) {
				706	PLOG(ERROR) << "Failed to chmod " << path;
Paul Crowley	a042cb5	2016-01-21 17:24:49 +0000	[diff] [blame]	707	// FIXME temporary workaround for b/26713622
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	708	if (e4crypt_is_emulated()) return false;
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	709	}
				710	#if EMULATED_USES_SELINUX
				711	if (selinux_android_restorecon(path.c_str(), SELINUX_ANDROID_RESTORECON_FORCE) != 0) {
				712	PLOG(WARNING) << "Failed to restorecon " << path;
Paul Crowley	a042cb5	2016-01-21 17:24:49 +0000	[diff] [blame]	713	// FIXME temporary workaround for b/26713622
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	714	if (e4crypt_is_emulated()) return false;
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	715	}
				716	#endif
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	717	return true;
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	718	}
				719
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	720	static bool parse_hex(const char* hex, std::string* result) {
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	721	if (strcmp("!", hex) == 0) {
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	722	*result = "";
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	723	return true;
				724	}
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	725	if (android::vold::HexToStr(hex, *result) != 0) {
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	726	LOG(ERROR) << "Invalid FBE hex string"; // Don't log the string for security reasons
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	727	return false;
				728	}
				729	return true;
				730	}
				731
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	732	bool e4crypt_change_user_key(userid_t user_id, int serial, const char* token_hex,
				733	const char* old_secret_hex, const char* new_secret_hex) {
				734	LOG(DEBUG) << "e4crypt_change_user_key " << user_id << " serial=" << serial
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	735	<< " token_present=" << (strcmp(token_hex, "!") != 0);
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	736	if (!e4crypt_is_native()) return true;
				737	if (s_ephemeral_users.count(user_id) != 0) return true;
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	738	std::string token, old_secret, new_secret;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	739	if (!parse_hex(token_hex, &token)) return false;
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	740	if (!parse_hex(old_secret_hex, &old_secret)) return false;
				741	if (!parse_hex(new_secret_hex, &new_secret)) return false;
				742	auto old_auth = old_secret.empty() ? kEmptyAuthentication
				743	: android::vold::KeyAuthentication(token, old_secret);
				744	auto new_auth = new_secret.empty() ? kEmptyAuthentication
				745	: android::vold::KeyAuthentication(token, new_secret);
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	746	auto it = s_ce_keys.find(user_id);
				747	if (it == s_ce_keys.end()) {
				748	LOG(ERROR) << "Key not loaded into memory, can't change for user " << user_id;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	749	return false;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	750	}
				751	auto ce_key = it->second;
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	752	auto ce_key_path = get_ce_key_path(user_id);
				753	std::string trial_key;
				754	if (!android::vold::retrieveKey(ce_key_path, old_auth, &trial_key)) {
				755	LOG(WARNING) << "change_user_key wasn't given enough info to reconstruct the key";
				756	} else if (ce_key != trial_key) {
				757	LOG(WARNING) << "Reconstructed key != stored key";
Paul Crowley	ad2eb64	2016-02-10 17:56:05 +0000	[diff] [blame]	758	}
Paul Crowley	d402389	2016-05-10 20:36:43 +0000	[diff] [blame]	759	android::vold::destroyKey(ce_key_path);
				760	if (!store_key(ce_key_path, user_key_temp, new_auth, ce_key)) return false;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	761	return true;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	762	}
				763
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	764	// TODO: rename to 'install' for consistency, and take flags to know which keys to install
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	765	bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex,
				766	const char* secret_hex) {
				767	LOG(DEBUG) << "e4crypt_unlock_user_key " << user_id << " serial=" << serial
				768	<< " token_present=" << (strcmp(token_hex, "!") != 0);
Jeff Sharkey	fc505c3	2015-12-07 17:27:01 -0700	[diff] [blame]	769	if (e4crypt_is_native()) {
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	770	if (s_ce_key_raw_refs.count(user_id) != 0) {
				771	LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	772	return true;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	773	}
				774	std::string token, secret;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	775	if (!parse_hex(token_hex, &token)) return false;
				776	if (!parse_hex(secret_hex, &secret)) return false;
Paul Crowley	0572080	2016-02-08 15:55:41 +0000	[diff] [blame]	777	android::vold::KeyAuthentication auth(token, secret);
				778	if (!read_and_install_user_ce_key(user_id, auth)) {
Paul Crowley	8fb12fd	2016-02-01 14:28:12 +0000	[diff] [blame]	779	LOG(ERROR) << "Couldn't read key for " << user_id;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	780	return false;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	781	}
Jeff Sharkey	fc505c3	2015-12-07 17:27:01 -0700	[diff] [blame]	782	} else {
				783	// When in emulation mode, we just use chmod. However, we also
				784	// unlock directories when not in emulation mode, to bring devices
				785	// back into a known-good state.
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	786	if (!emulated_unlock(android::vold::BuildDataSystemCePath(user_id), 0771) \|\|
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	787	!emulated_unlock(android::vold::BuildDataMiscCePath(user_id), 01771) \|\|
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	788	!emulated_unlock(android::vold::BuildDataMediaCePath(nullptr, user_id), 0770) \|\|
				789	!emulated_unlock(android::vold::BuildDataUserCePath(nullptr, user_id), 0771)) {
Jeff Sharkey	7a9dd95	2016-01-12 16:52:16 -0700	[diff] [blame]	790	LOG(ERROR) << "Failed to unlock user " << user_id;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	791	return false;
Jeff Sharkey	fc505c3	2015-12-07 17:27:01 -0700	[diff] [blame]	792	}
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	793	}
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	794	return true;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	795	}
				796
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	797	// TODO: rename to 'evict' for consistency
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	798	bool e4crypt_lock_user_key(userid_t user_id) {
Jeff Sharkey	fc505c3	2015-12-07 17:27:01 -0700	[diff] [blame]	799	if (e4crypt_is_native()) {
				800	// TODO: remove from kernel keyring
				801	} else if (e4crypt_is_emulated()) {
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	802	// When in emulation mode, we just use chmod
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	803	if (!emulated_lock(android::vold::BuildDataSystemCePath(user_id)) \|\|
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	804	!emulated_lock(android::vold::BuildDataMiscCePath(user_id)) \|\|
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	805	!emulated_lock(android::vold::BuildDataMediaCePath(nullptr, user_id)) \|\|
				806	!emulated_lock(android::vold::BuildDataUserCePath(nullptr, user_id))) {
Paul Crowley	57eedbf	2016-02-09 09:30:23 +0000	[diff] [blame]	807	LOG(ERROR) << "Failed to lock user " << user_id;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	808	return false;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	809	}
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	810	}
Jeff Sharkey	fc505c3	2015-12-07 17:27:01 -0700	[diff] [blame]	811
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	812	return true;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	813	}
				814
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	815	bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial,
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	816	int flags) {
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	817	LOG(DEBUG) << "e4crypt_prepare_user_storage for volume " << escape_null(volume_uuid)
Paul Crowley	df528a7	2016-03-09 09:31:37 -0800	[diff] [blame]	818	<< ", user " << user_id << ", serial " << serial << ", flags " << flags;
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	819
				820	if (flags & FLAG_STORAGE_DE) {
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	821	// DE_sys key
				822	auto system_legacy_path = android::vold::BuildDataSystemLegacyPath(user_id);
				823	auto misc_legacy_path = android::vold::BuildDataMiscLegacyPath(user_id);
				824	auto profiles_de_path = android::vold::BuildDataProfilesDePath(user_id);
				825	auto foreign_de_path = android::vold::BuildDataProfilesForeignDexDePath(user_id);
				826
				827	// DE_n key
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	828	auto system_de_path = android::vold::BuildDataSystemDePath(user_id);
				829	auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
				830	auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
				831
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	832	if (!prepare_dir(system_legacy_path, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
				833	#if MANAGE_MISC_DIRS
				834	if (!prepare_dir(misc_legacy_path, 0750, multiuser_get_uid(user_id, AID_SYSTEM),
				835	multiuser_get_uid(user_id, AID_EVERYBODY))) return false;
				836	#endif
				837	if (!prepare_dir(profiles_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
				838	if (!prepare_dir(foreign_de_path, 0773, AID_SYSTEM, AID_SYSTEM)) return false;
				839
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	840	if (!prepare_dir(system_de_path, 0770, AID_SYSTEM, AID_SYSTEM)) return false;
				841	if (!prepare_dir(misc_de_path, 01771, AID_SYSTEM, AID_MISC)) return false;
				842	if (!prepare_dir(user_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
Calin Juravle	d1ee944	2016-03-02 18:36:50 +0000	[diff] [blame]	843
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	844	// For now, FBE is only supported on internal storage
				845	if (e4crypt_is_native() && volume_uuid == nullptr) {
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	846	std::string de_raw_ref;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	847	if (!lookup_key_ref(s_de_key_raw_refs, user_id, &de_raw_ref)) return false;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	848	if (!ensure_policy(de_raw_ref, system_de_path)) return false;
				849	if (!ensure_policy(de_raw_ref, misc_de_path)) return false;
				850	if (!ensure_policy(de_raw_ref, user_de_path)) return false;
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	851	}
Paul Crowley	285956f	2016-01-20 13:12:38 +0000	[diff] [blame]	852	}
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	853
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	854	if (flags & FLAG_STORAGE_CE) {
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	855	// CE_n key
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	856	auto system_ce_path = android::vold::BuildDataSystemCePath(user_id);
				857	auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id);
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	858	auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
				859	auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	860
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	861	if (!prepare_dir(system_ce_path, 0770, AID_SYSTEM, AID_SYSTEM)) return false;
				862	if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false;
				863	if (!prepare_dir(media_ce_path, 0770, AID_MEDIA_RW, AID_MEDIA_RW)) return false;
				864	if (!prepare_dir(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	865
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	866	// For now, FBE is only supported on internal storage
				867	if (e4crypt_is_native() && volume_uuid == nullptr) {
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	868	std::string ce_raw_ref;
Paul Crowley	a051eb7	2016-03-08 16:08:32 -0800	[diff] [blame]	869	if (!lookup_key_ref(s_ce_key_raw_refs, user_id, &ce_raw_ref)) return false;
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	870	if (!ensure_policy(ce_raw_ref, system_ce_path)) return false;
				871	if (!ensure_policy(ce_raw_ref, misc_ce_path)) return false;
				872	if (!ensure_policy(ce_raw_ref, media_ce_path)) return false;
				873	if (!ensure_policy(ce_raw_ref, user_ce_path)) return false;
Jeff Sharkey	47695b2	2016-02-01 17:02:29 -0700	[diff] [blame]	874	}
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	875	}
				876
Paul Crowley	76107cb	2016-02-09 10:04:39 +0000	[diff] [blame]	877	return true;
Jeff Sharkey	d2c96e7	2015-11-08 17:56:23 -0800	[diff] [blame]	878	}
Jeff Sharkey	be70c9a	2016-04-14 20:45:16 -0600	[diff] [blame]	879
				880	bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags) {
				881	LOG(DEBUG) << "e4crypt_destroy_user_storage for volume " << escape_null(volume_uuid)
				882	<< ", user " << user_id << ", flags " << flags;
				883	bool res = true;
				884
				885	if (flags & FLAG_STORAGE_DE) {
				886	// DE_sys key
				887	auto system_legacy_path = android::vold::BuildDataSystemLegacyPath(user_id);
				888	auto misc_legacy_path = android::vold::BuildDataMiscLegacyPath(user_id);
				889	auto profiles_de_path = android::vold::BuildDataProfilesDePath(user_id);
				890	auto foreign_de_path = android::vold::BuildDataProfilesForeignDexDePath(user_id);
				891
				892	// DE_n key
				893	auto system_de_path = android::vold::BuildDataSystemDePath(user_id);
				894	auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
				895	auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
				896
				897	if (volume_uuid == nullptr) {
				898	res &= destroy_dir(system_legacy_path);
				899	#if MANAGE_MISC_DIRS
				900	res &= destroy_dir(misc_legacy_path);
				901	#endif
				902	res &= destroy_dir(profiles_de_path);
				903	res &= destroy_dir(foreign_de_path);
				904	res &= destroy_dir(system_de_path);
				905	res &= destroy_dir(misc_de_path);
				906	}
				907	res &= destroy_dir(user_de_path);
				908	}
				909
				910	if (flags & FLAG_STORAGE_CE) {
				911	// CE_n key
				912	auto system_ce_path = android::vold::BuildDataSystemCePath(user_id);
				913	auto misc_ce_path = android::vold::BuildDataMiscCePath(user_id);
				914	auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
				915	auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
				916
				917	if (volume_uuid == nullptr) {
				918	res &= destroy_dir(system_ce_path);
				919	res &= destroy_dir(misc_ce_path);
				920	}
				921	res &= destroy_dir(media_ce_path);
				922	res &= destroy_dir(user_ce_path);
				923	}
				924
				925	return res;
				926	}