Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_system_vold / e334aab65bfb3d6f43d6ecf929d166a38fae2007 / . / VoldNativeService.cpp
blob: 11a9398604d24b8d4dd97ad490fdbb0c06ab73dc [file] [log] [blame]
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]1/*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Jeff Sharkey67b8c492017-09-21 17:08:43 -0600[diff] [blame]17#define ATRACE_TAG ATRACE_TAG_PACKAGE_MANAGER
18
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]19#include "VoldNativeService.h"
Jeff Sharkey01a0e7f2017-10-17 16:06:32 -0600[diff] [blame]20#include "Benchmark.h"
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]21#include "CheckEncryption.h"
22#include "IdleMaint.h"
Jeff Sharkey01a0e7f2017-10-17 16:06:32 -0600[diff] [blame]23#include "MoveStorage.h"
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]24#include "Process.h"
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]25#include "VolumeManager.h"
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]26
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]27#include "Checkpoint.h"
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]28#include "Ext4Crypt.h"
29#include "MetadataCrypt.h"
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]30#include "cryptfs.h"
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]31
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]32#include <fstream>
Jeff Sharkey01a0e7f2017-10-17 16:06:32 -0600[diff] [blame]33#include <thread>
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]34
35#include <android-base/logging.h>
36#include <android-base/stringprintf.h>
37#include <android-base/strings.h>
Paul Crowley3b71fc52017-10-09 10:55:21 -0700[diff] [blame]38#include <ext4_utils/ext4_crypt.h>
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]39#include <fs_mgr.h>
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]40#include <private/android_filesystem_config.h>
Jeff Sharkey67b8c492017-09-21 17:08:43 -0600[diff] [blame]41#include <utils/Trace.h>
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]42
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]43using android::base::StringPrintf;
44using std::endl;
45
46namespace android {
47namespace vold {
48
49namespace {
50
51constexpr const char* kDump = "android.permission.DUMP";
52
53static binder::Status ok() {
54 return binder::Status::ok();
55}
56
57static binder::Status exception(uint32_t code, const std::string& msg) {
58 return binder::Status::fromExceptionCode(code, String8(msg.c_str()));
59}
60
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]61static binder::Status error(const std::string& msg) {
62 PLOG(ERROR) << msg;
63 return binder::Status::fromServiceSpecificError(errno, String8(msg.c_str()));
64}
65
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]66static binder::Status translate(int status) {
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]67 if (status == 0) {
68 return binder::Status::ok();
69 } else {
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]70 return binder::Status::fromServiceSpecificError(status);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]71 }
72}
73
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]74static binder::Status translateBool(bool status) {
75 if (status) {
76 return binder::Status::ok();
77 } else {
78 return binder::Status::fromServiceSpecificError(status);
79 }
80}
81
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]82binder::Status checkPermission(const char* permission) {
83 pid_t pid;
84 uid_t uid;
85
86 if (checkCallingPermission(String16(permission), reinterpret_cast<int32_t*>(&pid),
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]87 reinterpret_cast<int32_t*>(&uid))) {
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]88 return ok();
89 } else {
90 return exception(binder::Status::EX_SECURITY,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]91 StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission));
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]92 }
93}
94
95binder::Status checkUid(uid_t expectedUid) {
96 uid_t uid = IPCThreadState::self()->getCallingUid();
97 if (uid == expectedUid || uid == AID_ROOT) {
98 return ok();
99 } else {
100 return exception(binder::Status::EX_SECURITY,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]101 StringPrintf("UID %d is not expected UID %d", uid, expectedUid));
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]102 }
103}
104
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]105binder::Status checkArgumentId(const std::string& id) {
106 if (id.empty()) {
107 return exception(binder::Status::EX_ILLEGAL_ARGUMENT, "Missing ID");
108 }
109 for (const char& c : id) {
110 if (!std::isalnum(c) && c != ':' && c != ',') {
111 return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]112 StringPrintf("ID %s is malformed", id.c_str()));
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]113 }
114 }
115 return ok();
116}
117
118binder::Status checkArgumentPath(const std::string& path) {
119 if (path.empty()) {
120 return exception(binder::Status::EX_ILLEGAL_ARGUMENT, "Missing path");
121 }
122 if (path[0] != '/') {
123 return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]124 StringPrintf("Path %s is relative", path.c_str()));
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]125 }
Jeff Sharkey01a0e7f2017-10-17 16:06:32 -0600[diff] [blame]126 if ((path + '/').find("/../") != std::string::npos) {
127 return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]128 StringPrintf("Path %s is shady", path.c_str()));
Jeff Sharkey01a0e7f2017-10-17 16:06:32 -0600[diff] [blame]129 }
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]130 for (const char& c : path) {
131 if (c == '\0' || c == '\n') {
132 return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]133 StringPrintf("Path %s is malformed", path.c_str()));
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]134 }
135 }
136 return ok();
137}
138
139binder::Status checkArgumentHex(const std::string& hex) {
140 // Empty hex strings are allowed
141 for (const char& c : hex) {
142 if (!std::isxdigit(c) && c != ':' && c != '-') {
143 return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]144 StringPrintf("Hex %s is malformed", hex.c_str()));
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]145 }
146 }
147 return ok();
148}
149
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]150binder::Status checkArgumentPackageName(const std::string& packageName) {
151 // This logic is borrowed from PackageParser.java
152 bool hasSep = false;
153 bool front = true;
154
155 for (size_t i = 0; i < packageName.length(); ++i) {
156 char c = packageName[i];
157 if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {
158 front = false;
159 continue;
160 }
161 if (!front) {
162 if ((c >= '0' && c <= '9') || c == '_') {
163 continue;
164 }
165 }
166 if (c == '.') {
167 hasSep = true;
168 front = true;
169 continue;
170 }
171 return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]172 StringPrintf("Bad package character %c in %s", c, packageName.c_str()));
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]173 }
174
175 if (front) {
176 return exception(binder::Status::EX_ILLEGAL_ARGUMENT,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]177 StringPrintf("Missing separator in %s", packageName.c_str()));
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]178 }
179
180 return ok();
181}
182
183binder::Status checkArgumentPackageNames(const std::vector<std::string>& packageNames) {
184 for (size_t i = 0; i < packageNames.size(); ++i) {
185 binder::Status status = checkArgumentPackageName(packageNames[i]);
186 if (!status.isOk()) {
187 return status;
188 }
189 }
190 return ok();
191}
192
193binder::Status checkArgumentSandboxId(const std::string& sandboxId) {
194 // sandboxId will be in either the format shared:<shared-user-id> or <package-name>
195 // and <shared-user-id> name has same requirements as <package-name>.
196 std::size_t nameStartIndex = 0;
Greg Kaisere3f59322018-08-06 06:16:29 -0700[diff] [blame]197 if (android::base::StartsWith(sandboxId, "shared:")) {
198 nameStartIndex = 7; // len("shared:")
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]199 }
200 return checkArgumentPackageName(sandboxId.substr(nameStartIndex));
201}
202
203binder::Status checkArgumentSandboxIds(const std::vector<std::string>& sandboxIds) {
204 for (size_t i = 0; i < sandboxIds.size(); ++i) {
205 binder::Status status = checkArgumentSandboxId(sandboxIds[i]);
206 if (!status.isOk()) {
207 return status;
208 }
209 }
210 return ok();
211}
212
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]213#define ENFORCE_UID(uid) \
214 { \
215 binder::Status status = checkUid((uid)); \
216 if (!status.isOk()) { \
217 return status; \
218 } \
219 }
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]220
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]221#define CHECK_ARGUMENT_ID(id) \
222 { \
223 binder::Status status = checkArgumentId((id)); \
224 if (!status.isOk()) { \
225 return status; \
226 } \
227 }
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]228
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]229#define CHECK_ARGUMENT_PATH(path) \
230 { \
231 binder::Status status = checkArgumentPath((path)); \
232 if (!status.isOk()) { \
233 return status; \
234 } \
235 }
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]236
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]237#define CHECK_ARGUMENT_HEX(hex) \
238 { \
239 binder::Status status = checkArgumentHex((hex)); \
240 if (!status.isOk()) { \
241 return status; \
242 } \
243 }
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]244
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]245#define CHECK_ARGUMENT_PACKAGE_NAMES(packageNames) \
246 { \
247 binder::Status status = checkArgumentPackageNames((packageNames)); \
248 if (!status.isOk()) { \
249 return status; \
250 } \
251 }
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]252
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]253#define CHECK_ARGUMENT_SANDBOX_IDS(sandboxIds) \
254 { \
255 binder::Status status = checkArgumentSandboxIds((sandboxIds)); \
256 if (!status.isOk()) { \
257 return status; \
258 } \
259 }
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]260
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]261#define CHECK_ARGUMENT_PACKAGE_NAME(packageName) \
262 { \
263 binder::Status status = checkArgumentPackageName((packageName)); \
264 if (!status.isOk()) { \
265 return status; \
266 } \
267 }
Sudheer Shankac7562092018-08-24 10:20:56 -0700[diff] [blame]268
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]269#define CHECK_ARGUMENT_SANDBOX_ID(sandboxId) \
270 { \
271 binder::Status status = checkArgumentSandboxId((sandboxId)); \
272 if (!status.isOk()) { \
273 return status; \
274 } \
275 }
Sudheer Shankac7562092018-08-24 10:20:56 -0700[diff] [blame]276
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]277#define ACQUIRE_LOCK \
Jeff Sharkey67b8c492017-09-21 17:08:43 -0600[diff] [blame]278 std::lock_guard<std::mutex> lock(VolumeManager::Instance()->getLock()); \
279 ATRACE_CALL();
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]280
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]281#define ACQUIRE_CRYPT_LOCK \
Jeff Sharkey67b8c492017-09-21 17:08:43 -0600[diff] [blame]282 std::lock_guard<std::mutex> lock(VolumeManager::Instance()->getCryptLock()); \
283 ATRACE_CALL();
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]284
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]285} // namespace
286
287status_t VoldNativeService::start() {
288 IPCThreadState::self()->disableBackgroundScheduling(true);
289 status_t ret = BinderService<VoldNativeService>::publish();
290 if (ret != android::OK) {
291 return ret;
292 }
293 sp<ProcessState> ps(ProcessState::self());
294 ps->startThreadPool();
295 ps->giveThreadPoolName();
296 return android::OK;
297}
298
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]299status_t VoldNativeService::dump(int fd, const Vector<String16>& /* args */) {
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]300 auto out = std::fstream(StringPrintf("/proc/self/fd/%d", fd));
301 const binder::Status dump_permission = checkPermission(kDump);
302 if (!dump_permission.isOk()) {
303 out << dump_permission.toString8() << endl;
304 return PERMISSION_DENIED;
305 }
306
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]307 ACQUIRE_LOCK;
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]308 out << "vold is happy!" << endl;
309 out.flush();
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]310 return NO_ERROR;
311}
312
Jeff Sharkey814e9d32017-09-13 11:49:44 -0600[diff] [blame]313binder::Status VoldNativeService::setListener(
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]314 const android::sp<android::os::IVoldListener>& listener) {
Jeff Sharkey814e9d32017-09-13 11:49:44 -0600[diff] [blame]315 ENFORCE_UID(AID_SYSTEM);
316 ACQUIRE_LOCK;
317
318 VolumeManager::Instance()->setListener(listener);
319 return ok();
320}
321
Jeff Sharkeycbe69fc2017-09-15 16:50:28 -0600[diff] [blame]322binder::Status VoldNativeService::monitor() {
323 ENFORCE_UID(AID_SYSTEM);
324
325 // Simply acquire/release each lock for watchdog
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]326 { ACQUIRE_LOCK; }
327 { ACQUIRE_CRYPT_LOCK; }
Jeff Sharkeycbe69fc2017-09-15 16:50:28 -0600[diff] [blame]328
329 return ok();
330}
331
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]332binder::Status VoldNativeService::reset() {
333 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]334 ACQUIRE_LOCK;
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]335
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]336 return translate(VolumeManager::Instance()->reset());
337}
338
339binder::Status VoldNativeService::shutdown() {
340 ENFORCE_UID(AID_SYSTEM);
341 ACQUIRE_LOCK;
342
343 return translate(VolumeManager::Instance()->shutdown());
344}
345
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]346binder::Status VoldNativeService::onUserAdded(int32_t userId, int32_t userSerial) {
347 ENFORCE_UID(AID_SYSTEM);
348 ACQUIRE_LOCK;
349
350 return translate(VolumeManager::Instance()->onUserAdded(userId, userSerial));
351}
352
353binder::Status VoldNativeService::onUserRemoved(int32_t userId) {
354 ENFORCE_UID(AID_SYSTEM);
355 ACQUIRE_LOCK;
356
357 return translate(VolumeManager::Instance()->onUserRemoved(userId));
358}
359
Sudheer Shankaebaad1c2018-07-31 16:39:59 -0700[diff] [blame]360binder::Status VoldNativeService::onUserStarted(int32_t userId,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]361 const std::vector<std::string>& packageNames) {
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]362 ENFORCE_UID(AID_SYSTEM);
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]363 CHECK_ARGUMENT_PACKAGE_NAMES(packageNames);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]364 ACQUIRE_LOCK;
365
Sudheer Shankaebaad1c2018-07-31 16:39:59 -0700[diff] [blame]366 return translate(VolumeManager::Instance()->onUserStarted(userId, packageNames));
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]367}
368
369binder::Status VoldNativeService::onUserStopped(int32_t userId) {
370 ENFORCE_UID(AID_SYSTEM);
371 ACQUIRE_LOCK;
372
373 return translate(VolumeManager::Instance()->onUserStopped(userId));
374}
375
Sudheer Shankad484aa92018-07-31 10:07:34 -0700[diff] [blame]376binder::Status VoldNativeService::addAppIds(const std::vector<std::string>& packageNames,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]377 const std::vector<int32_t>& appIds) {
Sudheer Shankad484aa92018-07-31 10:07:34 -0700[diff] [blame]378 ENFORCE_UID(AID_SYSTEM);
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]379 CHECK_ARGUMENT_PACKAGE_NAMES(packageNames);
Sudheer Shankad484aa92018-07-31 10:07:34 -0700[diff] [blame]380 ACQUIRE_LOCK;
381
382 return translate(VolumeManager::Instance()->addAppIds(packageNames, appIds));
383}
384
Sudheer Shankad484aa92018-07-31 10:07:34 -0700[diff] [blame]385binder::Status VoldNativeService::addSandboxIds(const std::vector<int32_t>& appIds,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]386 const std::vector<std::string>& sandboxIds) {
Sudheer Shankad484aa92018-07-31 10:07:34 -0700[diff] [blame]387 ENFORCE_UID(AID_SYSTEM);
Sudheer Shankacc0df592018-08-02 10:21:42 -0700[diff] [blame]388 CHECK_ARGUMENT_SANDBOX_IDS(sandboxIds);
Sudheer Shankad484aa92018-07-31 10:07:34 -0700[diff] [blame]389 ACQUIRE_LOCK;
390
391 return translate(VolumeManager::Instance()->addSandboxIds(appIds, sandboxIds));
392}
393
Jeff Sharkey401b2602017-12-14 22:15:20 -0700[diff] [blame]394binder::Status VoldNativeService::onSecureKeyguardStateChanged(bool isShowing) {
395 ENFORCE_UID(AID_SYSTEM);
396 ACQUIRE_LOCK;
397
398 return translate(VolumeManager::Instance()->onSecureKeyguardStateChanged(isShowing));
399}
400
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]401binder::Status VoldNativeService::partition(const std::string& diskId, int32_t partitionType,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]402 int32_t ratio) {
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]403 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]404 CHECK_ARGUMENT_ID(diskId);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]405 ACQUIRE_LOCK;
406
407 auto disk = VolumeManager::Instance()->findDisk(diskId);
408 if (disk == nullptr) {
409 return error("Failed to find disk " + diskId);
410 }
411 switch (partitionType) {
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]412 case PARTITION_TYPE_PUBLIC:
413 return translate(disk->partitionPublic());
414 case PARTITION_TYPE_PRIVATE:
415 return translate(disk->partitionPrivate());
416 case PARTITION_TYPE_MIXED:
417 return translate(disk->partitionMixed(ratio));
418 default:
419 return error("Unknown type " + std::to_string(partitionType));
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]420 }
421}
422
Jeff Sharkey3ce18252017-10-24 11:08:45 -0600[diff] [blame]423binder::Status VoldNativeService::forgetPartition(const std::string& partGuid,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]424 const std::string& fsUuid) {
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]425 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]426 CHECK_ARGUMENT_HEX(partGuid);
Jeff Sharkey3ce18252017-10-24 11:08:45 -0600[diff] [blame]427 CHECK_ARGUMENT_HEX(fsUuid);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]428 ACQUIRE_LOCK;
429
Jeff Sharkey3ce18252017-10-24 11:08:45 -0600[diff] [blame]430 return translate(VolumeManager::Instance()->forgetPartition(partGuid, fsUuid));
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]431}
432
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]433binder::Status VoldNativeService::mount(const std::string& volId, int32_t mountFlags,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]434 int32_t mountUserId) {
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]435 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]436 CHECK_ARGUMENT_ID(volId);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]437 ACQUIRE_LOCK;
438
439 auto vol = VolumeManager::Instance()->findVolume(volId);
440 if (vol == nullptr) {
441 return error("Failed to find volume " + volId);
442 }
443
444 vol->setMountFlags(mountFlags);
445 vol->setMountUserId(mountUserId);
446
447 int res = vol->mount();
Sudheer Shanka40ab6742018-09-18 13:07:45 -0700[diff] [blame]448 if (res != OK) {
449 return translate(res);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]450 }
Sudheer Shanka40ab6742018-09-18 13:07:45 -0700[diff] [blame]451 if ((mountFlags & MOUNT_FLAG_PRIMARY) != 0) {
452 res = VolumeManager::Instance()->setPrimary(vol);
453 if (res != OK) {
454 return translate(res);
455 }
456 }
457 return translate(OK);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]458}
459
460binder::Status VoldNativeService::unmount(const std::string& volId) {
461 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]462 CHECK_ARGUMENT_ID(volId);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]463 ACQUIRE_LOCK;
464
465 auto vol = VolumeManager::Instance()->findVolume(volId);
466 if (vol == nullptr) {
467 return error("Failed to find volume " + volId);
468 }
469 return translate(vol->unmount());
470}
471
472binder::Status VoldNativeService::format(const std::string& volId, const std::string& fsType) {
473 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]474 CHECK_ARGUMENT_ID(volId);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]475 ACQUIRE_LOCK;
476
477 auto vol = VolumeManager::Instance()->findVolume(volId);
478 if (vol == nullptr) {
479 return error("Failed to find volume " + volId);
480 }
481 return translate(vol->format(fsType));
482}
483
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]484static binder::Status pathForVolId(const std::string& volId, std::string* path) {
Jeff Sharkey52f7a912017-09-15 12:57:44 -0600[diff] [blame]485 if (volId == "private" || volId == "null") {
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]486 *path = "/data";
Jeff Sharkey52f7a912017-09-15 12:57:44 -0600[diff] [blame]487 } else {
488 auto vol = VolumeManager::Instance()->findVolume(volId);
489 if (vol == nullptr) {
490 return error("Failed to find volume " + volId);
491 }
492 if (vol->getType() != VolumeBase::Type::kPrivate) {
493 return error("Volume " + volId + " not private");
494 }
495 if (vol->getState() != VolumeBase::State::kMounted) {
496 return error("Volume " + volId + " not mounted");
497 }
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]498 *path = vol->getPath();
499 if (path->empty()) {
500 return error("Volume " + volId + " missing path");
501 }
Jeff Sharkey52f7a912017-09-15 12:57:44 -0600[diff] [blame]502 }
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]503 return ok();
504}
Jeff Sharkey52f7a912017-09-15 12:57:44 -0600[diff] [blame]505
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]506binder::Status VoldNativeService::benchmark(
507 const std::string& volId, const android::sp<android::os::IVoldTaskListener>& listener) {
508 ENFORCE_UID(AID_SYSTEM);
509 CHECK_ARGUMENT_ID(volId);
510 ACQUIRE_LOCK;
511
512 std::string path;
513 auto status = pathForVolId(volId, &path);
514 if (!status.isOk()) return status;
Jeff Sharkey52f7a912017-09-15 12:57:44 -0600[diff] [blame]515
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]516 std::thread([=]() { android::vold::Benchmark(path, listener); }).detach();
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]517 return ok();
518}
519
Jeff Sharkey2048a282017-06-15 09:59:43 -0600[diff] [blame]520binder::Status VoldNativeService::checkEncryption(const std::string& volId) {
521 ENFORCE_UID(AID_SYSTEM);
522 CHECK_ARGUMENT_ID(volId);
523 ACQUIRE_LOCK;
524
525 std::string path;
526 auto status = pathForVolId(volId, &path);
527 if (!status.isOk()) return status;
528 return translate(android::vold::CheckEncryption(path));
529}
530
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]531binder::Status VoldNativeService::moveStorage(
532 const std::string& fromVolId, const std::string& toVolId,
533 const android::sp<android::os::IVoldTaskListener>& listener) {
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]534 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]535 CHECK_ARGUMENT_ID(fromVolId);
536 CHECK_ARGUMENT_ID(toVolId);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]537 ACQUIRE_LOCK;
538
539 auto fromVol = VolumeManager::Instance()->findVolume(fromVolId);
540 auto toVol = VolumeManager::Instance()->findVolume(toVolId);
541 if (fromVol == nullptr) {
542 return error("Failed to find volume " + fromVolId);
543 } else if (toVol == nullptr) {
544 return error("Failed to find volume " + toVolId);
545 }
Jeff Sharkey01a0e7f2017-10-17 16:06:32 -0600[diff] [blame]546
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]547 std::thread([=]() { android::vold::MoveStorage(fromVol, toVol, listener); }).detach();
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]548 return ok();
549}
550
551binder::Status VoldNativeService::remountUid(int32_t uid, int32_t remountMode) {
552 ENFORCE_UID(AID_SYSTEM);
553 ACQUIRE_LOCK;
554
555 std::string tmp;
556 switch (remountMode) {
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]557 case REMOUNT_MODE_NONE:
558 tmp = "none";
559 break;
560 case REMOUNT_MODE_DEFAULT:
561 tmp = "default";
562 break;
563 case REMOUNT_MODE_READ:
564 tmp = "read";
565 break;
566 case REMOUNT_MODE_WRITE:
567 tmp = "write";
568 break;
569 default:
570 return error("Unknown mode " + std::to_string(remountMode));
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]571 }
572 return translate(VolumeManager::Instance()->remountUid(uid, tmp));
573}
574
575binder::Status VoldNativeService::mkdirs(const std::string& path) {
576 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]577 CHECK_ARGUMENT_PATH(path);
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]578 ACQUIRE_LOCK;
579
Jeff Sharkey3472e522017-10-06 18:02:53 -0600[diff] [blame]580 return translate(VolumeManager::Instance()->mkdirs(path));
Jeff Sharkey9462bdd2017-09-07 15:27:28 -0600[diff] [blame]581}
582
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]583binder::Status VoldNativeService::createObb(const std::string& sourcePath,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]584 const std::string& sourceKey, int32_t ownerGid,
585 std::string* _aidl_return) {
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]586 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]587 CHECK_ARGUMENT_PATH(sourcePath);
588 CHECK_ARGUMENT_HEX(sourceKey);
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]589 ACQUIRE_LOCK;
590
591 return translate(
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]592 VolumeManager::Instance()->createObb(sourcePath, sourceKey, ownerGid, _aidl_return));
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]593}
594
595binder::Status VoldNativeService::destroyObb(const std::string& volId) {
596 ENFORCE_UID(AID_SYSTEM);
Jeff Sharkeyec4fda22017-09-12 13:19:24 -0600[diff] [blame]597 CHECK_ARGUMENT_ID(volId);
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]598 ACQUIRE_LOCK;
599
600 return translate(VolumeManager::Instance()->destroyObb(volId));
601}
602
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]603binder::Status VoldNativeService::fstrim(
604 int32_t fstrimFlags, const android::sp<android::os::IVoldTaskListener>& listener) {
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]605 ENFORCE_UID(AID_SYSTEM);
606 ACQUIRE_LOCK;
607
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]608 std::thread([=]() { android::vold::Trim(listener); }).detach();
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]609 return ok();
610}
611
Jin Qiana370c142017-10-17 15:41:45 -0700[diff] [blame]612binder::Status VoldNativeService::runIdleMaint(
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]613 const android::sp<android::os::IVoldTaskListener>& listener) {
Jin Qiana370c142017-10-17 15:41:45 -0700[diff] [blame]614 ENFORCE_UID(AID_SYSTEM);
615 ACQUIRE_LOCK;
616
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]617 std::thread([=]() { android::vold::RunIdleMaint(listener); }).detach();
Jin Qiana370c142017-10-17 15:41:45 -0700[diff] [blame]618 return ok();
619}
620
621binder::Status VoldNativeService::abortIdleMaint(
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]622 const android::sp<android::os::IVoldTaskListener>& listener) {
Jin Qiana370c142017-10-17 15:41:45 -0700[diff] [blame]623 ENFORCE_UID(AID_SYSTEM);
624 ACQUIRE_LOCK;
625
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]626 std::thread([=]() { android::vold::AbortIdleMaint(listener); }).detach();
Jin Qiana370c142017-10-17 15:41:45 -0700[diff] [blame]627 return ok();
628}
629
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]630binder::Status VoldNativeService::mountAppFuse(int32_t uid, int32_t pid, int32_t mountId,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]631 android::base::unique_fd* _aidl_return) {
Jeff Sharkey11c2d382017-09-11 10:32:01 -0600[diff] [blame]632 ENFORCE_UID(AID_SYSTEM);
633 ACQUIRE_LOCK;
634
635 return translate(VolumeManager::Instance()->mountAppFuse(uid, pid, mountId, _aidl_return));
636}
637
638binder::Status VoldNativeService::unmountAppFuse(int32_t uid, int32_t pid, int32_t mountId) {
639 ENFORCE_UID(AID_SYSTEM);
640 ACQUIRE_LOCK;
641
642 return translate(VolumeManager::Instance()->unmountAppFuse(uid, pid, mountId));
643}
644
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]645binder::Status VoldNativeService::fdeCheckPassword(const std::string& password) {
646 ENFORCE_UID(AID_SYSTEM);
647 ACQUIRE_CRYPT_LOCK;
648
649 return translate(cryptfs_check_passwd(password.c_str()));
650}
651
652binder::Status VoldNativeService::fdeRestart() {
653 ENFORCE_UID(AID_SYSTEM);
654 ACQUIRE_CRYPT_LOCK;
655
656 // Spawn as thread so init can issue commands back to vold without
657 // causing deadlock, usually as a result of prep_data_fs.
658 std::thread(&cryptfs_restart).detach();
659 return ok();
660}
661
662binder::Status VoldNativeService::fdeComplete(int32_t* _aidl_return) {
663 ENFORCE_UID(AID_SYSTEM);
664 ACQUIRE_CRYPT_LOCK;
665
666 *_aidl_return = cryptfs_crypto_complete();
667 return ok();
668}
669
670static int fdeEnableInternal(int32_t passwordType, const std::string& password,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]671 int32_t encryptionFlags) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]672 bool noUi = (encryptionFlags & VoldNativeService::ENCRYPTION_FLAG_NO_UI) != 0;
673
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]674 for (int tries = 0; tries < 2; ++tries) {
675 int rc;
676 if (passwordType == VoldNativeService::PASSWORD_TYPE_DEFAULT) {
Paul Lawrence7ee87cf2017-12-22 10:12:06 -0800[diff] [blame]677 rc = cryptfs_enable_default(noUi);
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]678 } else {
Paul Lawrence7ee87cf2017-12-22 10:12:06 -0800[diff] [blame]679 rc = cryptfs_enable(passwordType, password.c_str(), noUi);
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]680 }
681
682 if (rc == 0) {
683 return 0;
684 } else if (tries == 0) {
Jeff Sharkey3472e522017-10-06 18:02:53 -0600[diff] [blame]685 KillProcessesWithOpenFiles(DATA_MNT_POINT, SIGKILL);
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]686 }
687 }
688
689 return -1;
690}
691
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]692binder::Status VoldNativeService::fdeEnable(int32_t passwordType, const std::string& password,
693 int32_t encryptionFlags) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]694 ENFORCE_UID(AID_SYSTEM);
695 ACQUIRE_CRYPT_LOCK;
696
Paul Crowley0fd26262018-01-30 09:48:19 -0800[diff] [blame]697 LOG(DEBUG) << "fdeEnable(" << passwordType << ", *, " << encryptionFlags << ")";
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]698 if (e4crypt_is_native()) {
Paul Crowley0fd26262018-01-30 09:48:19 -0800[diff] [blame]699 LOG(ERROR) << "e4crypt_is_native, fdeEnable invalid";
700 return error("e4crypt_is_native, fdeEnable invalid");
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]701 }
Paul Crowley0fd26262018-01-30 09:48:19 -0800[diff] [blame]702 LOG(DEBUG) << "!e4crypt_is_native, spawning fdeEnableInternal";
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]703
704 // Spawn as thread so init can issue commands back to vold without
705 // causing deadlock, usually as a result of prep_data_fs.
706 std::thread(&fdeEnableInternal, passwordType, password, encryptionFlags).detach();
707 return ok();
708}
709
710binder::Status VoldNativeService::fdeChangePassword(int32_t passwordType,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]711 const std::string& password) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]712 ENFORCE_UID(AID_SYSTEM);
713 ACQUIRE_CRYPT_LOCK;
714
715 return translate(cryptfs_changepw(passwordType, password.c_str()));
716}
717
718binder::Status VoldNativeService::fdeVerifyPassword(const std::string& password) {
719 ENFORCE_UID(AID_SYSTEM);
720 ACQUIRE_CRYPT_LOCK;
721
722 return translate(cryptfs_verify_passwd(password.c_str()));
723}
724
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]725binder::Status VoldNativeService::fdeGetField(const std::string& key, std::string* _aidl_return) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]726 ENFORCE_UID(AID_SYSTEM);
727 ACQUIRE_CRYPT_LOCK;
728
729 char buf[PROPERTY_VALUE_MAX];
730 if (cryptfs_getfield(key.c_str(), buf, sizeof(buf)) != CRYPTO_GETFIELD_OK) {
731 return error(StringPrintf("Failed to read field %s", key.c_str()));
732 } else {
733 *_aidl_return = buf;
734 return ok();
735 }
736}
737
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]738binder::Status VoldNativeService::fdeSetField(const std::string& key, const std::string& value) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]739 ENFORCE_UID(AID_SYSTEM);
740 ACQUIRE_CRYPT_LOCK;
741
742 return translate(cryptfs_setfield(key.c_str(), value.c_str()));
743}
744
745binder::Status VoldNativeService::fdeGetPasswordType(int32_t* _aidl_return) {
746 ENFORCE_UID(AID_SYSTEM);
747 ACQUIRE_CRYPT_LOCK;
748
749 *_aidl_return = cryptfs_get_password_type();
750 return ok();
751}
752
753binder::Status VoldNativeService::fdeGetPassword(std::string* _aidl_return) {
754 ENFORCE_UID(AID_SYSTEM);
755 ACQUIRE_CRYPT_LOCK;
756
757 const char* res = cryptfs_get_password();
758 if (res != nullptr) {
759 *_aidl_return = res;
760 }
761 return ok();
762}
763
764binder::Status VoldNativeService::fdeClearPassword() {
765 ENFORCE_UID(AID_SYSTEM);
766 ACQUIRE_CRYPT_LOCK;
767
768 cryptfs_clear_password();
769 return ok();
770}
771
772binder::Status VoldNativeService::fbeEnable() {
773 ENFORCE_UID(AID_SYSTEM);
774 ACQUIRE_CRYPT_LOCK;
775
776 return translateBool(e4crypt_initialize_global_de());
777}
778
779binder::Status VoldNativeService::mountDefaultEncrypted() {
780 ENFORCE_UID(AID_SYSTEM);
781 ACQUIRE_CRYPT_LOCK;
782
Paul Crowley0fd26262018-01-30 09:48:19 -0800[diff] [blame]783 if (!e4crypt_is_native()) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]784 // Spawn as thread so init can issue commands back to vold without
785 // causing deadlock, usually as a result of prep_data_fs.
786 std::thread(&cryptfs_mount_default_encrypted).detach();
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]787 }
Paul Crowley0fd26262018-01-30 09:48:19 -0800[diff] [blame]788 return ok();
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]789}
790
791binder::Status VoldNativeService::initUser0() {
792 ENFORCE_UID(AID_SYSTEM);
793 ACQUIRE_CRYPT_LOCK;
794
795 return translateBool(e4crypt_init_user0());
796}
797
798binder::Status VoldNativeService::isConvertibleToFbe(bool* _aidl_return) {
799 ENFORCE_UID(AID_SYSTEM);
800 ACQUIRE_CRYPT_LOCK;
801
802 *_aidl_return = cryptfs_isConvertibleToFBE() != 0;
803 return ok();
804}
805
Paul Crowley0fd26262018-01-30 09:48:19 -0800[diff] [blame]806binder::Status VoldNativeService::mountFstab(const std::string& mountPoint) {
807 ENFORCE_UID(AID_SYSTEM);
808 ACQUIRE_LOCK;
809
810 return translateBool(e4crypt_mount_metadata_encrypted(mountPoint, false));
811}
812
813binder::Status VoldNativeService::encryptFstab(const std::string& mountPoint) {
814 ENFORCE_UID(AID_SYSTEM);
815 ACQUIRE_LOCK;
816
817 return translateBool(e4crypt_mount_metadata_encrypted(mountPoint, true));
818}
819
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]820binder::Status VoldNativeService::createUserKey(int32_t userId, int32_t userSerial, bool ephemeral) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]821 ENFORCE_UID(AID_SYSTEM);
822 ACQUIRE_CRYPT_LOCK;
823
824 return translateBool(e4crypt_vold_create_user_key(userId, userSerial, ephemeral));
825}
826
827binder::Status VoldNativeService::destroyUserKey(int32_t userId) {
828 ENFORCE_UID(AID_SYSTEM);
829 ACQUIRE_CRYPT_LOCK;
830
831 return translateBool(e4crypt_destroy_user_key(userId));
832}
833
834binder::Status VoldNativeService::addUserKeyAuth(int32_t userId, int32_t userSerial,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]835 const std::string& token,
836 const std::string& secret) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]837 ENFORCE_UID(AID_SYSTEM);
838 ACQUIRE_CRYPT_LOCK;
839
Paul Crowley3b71fc52017-10-09 10:55:21 -0700[diff] [blame]840 return translateBool(e4crypt_add_user_key_auth(userId, userSerial, token, secret));
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]841}
842
843binder::Status VoldNativeService::fixateNewestUserKeyAuth(int32_t userId) {
844 ENFORCE_UID(AID_SYSTEM);
845 ACQUIRE_CRYPT_LOCK;
846
847 return translateBool(e4crypt_fixate_newest_user_key_auth(userId));
848}
849
850binder::Status VoldNativeService::unlockUserKey(int32_t userId, int32_t userSerial,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]851 const std::string& token,
852 const std::string& secret) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]853 ENFORCE_UID(AID_SYSTEM);
854 ACQUIRE_CRYPT_LOCK;
855
Paul Crowley3b71fc52017-10-09 10:55:21 -0700[diff] [blame]856 return translateBool(e4crypt_unlock_user_key(userId, userSerial, token, secret));
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]857}
858
859binder::Status VoldNativeService::lockUserKey(int32_t userId) {
860 ENFORCE_UID(AID_SYSTEM);
861 ACQUIRE_CRYPT_LOCK;
862
863 return translateBool(e4crypt_lock_user_key(userId));
864}
865
866binder::Status VoldNativeService::prepareUserStorage(const std::unique_ptr<std::string>& uuid,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]867 int32_t userId, int32_t userSerial,
868 int32_t flags) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]869 ENFORCE_UID(AID_SYSTEM);
Paul Crowley3b71fc52017-10-09 10:55:21 -0700[diff] [blame]870 std::string empty_string = "";
871 auto uuid_ = uuid ? *uuid : empty_string;
Paul Crowley06f762d2017-10-16 10:59:51 -0700[diff] [blame]872 CHECK_ARGUMENT_HEX(uuid_);
873
874 ACQUIRE_CRYPT_LOCK;
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]875 return translateBool(e4crypt_prepare_user_storage(uuid_, userId, userSerial, flags));
876}
877
878binder::Status VoldNativeService::destroyUserStorage(const std::unique_ptr<std::string>& uuid,
Paul Crowleyedf7a4e2018-09-18 15:14:18 -0700[diff] [blame]879 int32_t userId, int32_t flags) {
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]880 ENFORCE_UID(AID_SYSTEM);
Paul Crowley3b71fc52017-10-09 10:55:21 -0700[diff] [blame]881 std::string empty_string = "";
882 auto uuid_ = uuid ? *uuid : empty_string;
Paul Crowley06f762d2017-10-16 10:59:51 -0700[diff] [blame]883 CHECK_ARGUMENT_HEX(uuid_);
884
885 ACQUIRE_CRYPT_LOCK;
Jeff Sharkey83b559c2017-09-12 16:30:52 -0600[diff] [blame]886 return translateBool(e4crypt_destroy_user_storage(uuid_, userId, flags));
887}
888
Sudheer Shankafa6a1742018-10-04 16:26:22 -0700[diff] [blame]889binder::Status VoldNativeService::prepareSandboxForApp(const std::string& packageName,
890 int32_t appId, const std::string& sandboxId,
891 int32_t userId) {
Sudheer Shankac7562092018-08-24 10:20:56 -0700[diff] [blame]892 ENFORCE_UID(AID_SYSTEM);
893 CHECK_ARGUMENT_PACKAGE_NAME(packageName);
894 CHECK_ARGUMENT_SANDBOX_ID(sandboxId);
895 ACQUIRE_LOCK;
896
Sudheer Shankafa6a1742018-10-04 16:26:22 -0700[diff] [blame]897 return translate(
898 VolumeManager::Instance()->prepareSandboxForApp(packageName, appId, sandboxId, userId));
899}
900
901binder::Status VoldNativeService::destroySandboxForApp(const std::string& packageName,
902 int32_t appId, const std::string& sandboxId,
903 int32_t userId) {
904 ENFORCE_UID(AID_SYSTEM);
905 CHECK_ARGUMENT_PACKAGE_NAME(packageName);
906 CHECK_ARGUMENT_SANDBOX_ID(sandboxId);
907 ACQUIRE_LOCK;
908
909 return translate(
910 VolumeManager::Instance()->destroySandboxForApp(packageName, appId, sandboxId, userId));
Sudheer Shankac7562092018-08-24 10:20:56 -0700[diff] [blame]911}
912
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]913binder::Status VoldNativeService::startCheckpoint(int32_t retry) {
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]914 ENFORCE_UID(AID_SYSTEM);
915 ACQUIRE_LOCK;
916
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]917 return cp_startCheckpoint(retry);
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]918}
919
Daniel Rosenbergd3992492018-10-02 17:40:44 -0700[diff] [blame]920binder::Status VoldNativeService::needsRollback(bool* _aidl_return) {
921 ENFORCE_UID(AID_SYSTEM);
922 ACQUIRE_LOCK;
923
924 *_aidl_return = cp_needsRollback();
925 return ok();
926}
927
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]928binder::Status VoldNativeService::needsCheckpoint(bool* _aidl_return) {
929 ENFORCE_UID(AID_SYSTEM);
930 ACQUIRE_LOCK;
931
932 *_aidl_return = cp_needsCheckpoint();
933 return ok();
934}
935
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]936binder::Status VoldNativeService::commitChanges() {
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]937 ENFORCE_UID(AID_SYSTEM);
938 ACQUIRE_LOCK;
939
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]940 return cp_commitChanges();
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]941}
942
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]943binder::Status VoldNativeService::prepareCheckpoint() {
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]944 ENFORCE_UID(AID_SYSTEM);
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]945 ACQUIRE_LOCK;
946
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]947 return cp_prepareCheckpoint();
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]948}
949
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]950binder::Status VoldNativeService::restoreCheckpoint(const std::string& mountPoint) {
Paul Lawrence1abb2fe2018-09-21 10:49:57 -0700[diff] [blame]951 ENFORCE_UID(AID_SYSTEM);
952 CHECK_ARGUMENT_PATH(mountPoint);
953 ACQUIRE_LOCK;
954
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]955 return cp_restoreCheckpoint(mountPoint);
Paul Lawrence1abb2fe2018-09-21 10:49:57 -0700[diff] [blame]956}
957
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]958binder::Status VoldNativeService::markBootAttempt() {
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]959 ENFORCE_UID(AID_SYSTEM);
960 ACQUIRE_LOCK;
961
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]962 return cp_markBootAttempt();
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]963}
964
965binder::Status VoldNativeService::abortChanges() {
966 ENFORCE_UID(AID_SYSTEM);
967 ACQUIRE_LOCK;
968
Daniel Rosenberge334aab2018-10-10 18:52:04 -0700[diff] [blame^]969 return cp_abortChanges();
Daniel Rosenberg4f684712018-08-28 01:58:49 -0700[diff] [blame]970}
971
Jeff Sharkey068c6be2017-09-06 13:47:40 -0600[diff] [blame]972} // namespace vold
973} // namespace android