Skip to content

GitLab

Switch branch/tag
  1. 26 Oct, 2012 1 commit
  3. 25 Sep, 2012 1 commit
    • Jeff Sharkey's avatar
      Handle multi-user mountObb() requests. · 6947904a
      Jeff Sharkey authored 
      Mount OBB containers using shared app GID, so that an app can read
the mount point across users.

Bug: 7212801
Change-Id: Ia1be52df9854c259b20728111f3a2c9facf4beaa
      6947904a
  5. 27 Apr, 2012 2 commits
  7. 25 Apr, 2012 1 commit
    • Kenny Root's avatar
      Add in ext4 support for ASEC containers · 344ca108
      Kenny Root authored 
      Now forward locked applications will be in ASEC containers both internal
to the system and externally.

This change adds support for putting applications in ext4-based ASECs.

Change-Id: I8d6765b72dd2606e429c067b47a2dbcaa8bef37d
      344ca108
  9. 01 Mar, 2012 1 commit
    • Robert Greenwalt's avatar
      Use the new command numbering scheme. · 149aa3eb
      Robert Greenwalt authored 
      Support multiple commands on a single socket via command numbers.
NativeDaemonConnector has been changed, so we need to use it here
too.

bug:5864209
Change-Id: Ie06e966d50057d122a958377731c0385ea367b69
      149aa3eb
  11. 13 Oct, 2011 1 commit
    • Ken Sumrall's avatar
      Add the new verifypw command to vold/cryptfs · 3ad9072a
      Ken Sumrall authored 
      This vold command returns 0 if the given password matches the password
used to decrypt the device on boot.  It returns 1 if they don't match,
and it returns -1 on an internal error, and -2 if the device is not encrypted.

Also check the uid of the sender of the command and only allow the root and
system users to issue cryptfs commands.

Change-Id: I5e5ae3b72a2d7814ae68c2d49aa9deb90fb1dac5
      3ad9072a
  13. 01 Sep, 2011 1 commit
    • Ken Sumrall's avatar
      Add the ability to revert a crypto mapping when unmounting a volume · 0b8b5971
      Ken Sumrall authored 
      Add the force_and_revert option to the unmount command which will force
the unmount, and revert a crypto mapping.  This is used during factory
reset so that when the internal sdcard volume is formatted, it formats
the raw device, not the encrypted mapping.

Change-Id: I36b6ff9bb54863b121de635472a303bf4a2334a9
      0b8b5971
  15. 27 Jun, 2011 1 commit
  17. 07 Jun, 2011 1 commit
  19. 01 Feb, 2011 1 commit
    • Ken Sumrall's avatar
      Improve detection of incomplete encryption · 7f7dbaa2
      Ken Sumrall authored 
      Bug 3384231 is punted to MR1, but the code to set the flag is already
in the tree, so this CL does 3 things:

1.  Comments out the lines that set the flag
2.  Removes the change to the checkpw that was added in the last change.
3.  Implements a new command to check the flag (which no one is calling
    yet and the flag won't be set anyhow).

When MR1 comes, it will be a simple matter to enable the flag setting
code and start testing it.

The fear is a false positive detection of incomplete encryption could
cause people to be prompted to wipe their data when MR1 comes out and
the flag is checked.  Not setting this for first release, and testing
this more before MR1, will give us confidence that the code will not
detect false positives of encryption failure.

Change-Id: I6dfba11646e291fe5867e8375b71a53c815f3968
      7f7dbaa2
  21. 28 Jan, 2011 1 commit
    • Jason parks's avatar
      Change cryptfs changepw to only require a new password. · 70a4b3fd
      Jason parks authored 
      The master key is now stored unhashed in memory. This
is needed because certain operation like remote reseting
of passwords the old password is not avaliable.
The changepw interface has been changed to only take
the new password as the only argument. When this is
called we reencrypt the master key with the new password
and old salt.

Bug: 3382129
Change-Id: I9a596b89013194605d6d7790067691aa0dc75e72
      70a4b3fd
  23. 22 Jan, 2011 1 commit
    • Jason parks's avatar
      Always return success if the command was run. · ab593e8e
      Jason parks authored 
      The caller will check the result code for success. This prevents a exception from being thrown when the result code needs to be propagated to the caller.

Change-Id: I471e8d6eb6f339c6f4e40f47adf60d20f6a70974
      ab593e8e
  25. 21 Jan, 2011 1 commit
    • Jason parks's avatar
      Always return success if the command was run. · 0167cb15
      Jason parks authored 
      The caller will check the result code for success. This prevents a exception from being thrown when the result code needs to be propagated to the caller.

Change-Id: I471e8d6eb6f339c6f4e40f47adf60d20f6a70974
      0167cb15
  27. 18 Jan, 2011 1 commit
  29. 17 Jan, 2011 1 commit
    • Ken Sumrall's avatar
      Updates to cryptfs framework. · 8ddbe40a
      Ken Sumrall authored 
      Update the enable inplace API to allow the UI to show a progress bar.
Add new command changepw (whichis currently not working)
Internal restructuring of code to support these two features.
Some minor cleanup of the code as well.

Change-Id: I11461fc9ce66965bea6cd0b6bb2ff48bcf607b97
      8ddbe40a
  31. 14 Jan, 2011 1 commit
    • Ken Sumrall's avatar
      Change the cryptfs command to separate out checking the password and restarting · 6864b7ec
      Ken Sumrall authored 
      In order to make the animations and the UI look right, we need to change
the cryptfs checkpw command to return a status if the password was
correct or not, and not have it automatically restart if it's correct.

There is a new command restart that will restart the framework with the
encrypted filesystem.

Change-Id: Ia8ae00d7ed8667699aa58d05ad8ba953cca9316e
      6864b7ec
  33. 19 Dec, 2010 1 commit
    • Ken Sumrall's avatar
      Support for encrypting /data on Stingray. · 8f869aa1
      Ken Sumrall authored 
      There are still a few hacks and performance issues related
to shutting down the framework in this code, but it is
functional and tested.  Without the UI changes, it requires
cryptic adb shell commands to enable, which I shall not
utter here.

Change-Id: I0b8f90afd707e17fbdb0373d156236946633cf8b
      8f869aa1
  35. 16 Nov, 2010 1 commit
  37. 15 Jul, 2010 1 commit
    • Kenny Root's avatar
      Additional Obb functionality · 508c0e16
      Kenny Root authored 
      * Rename all functions dealing with OBB files to mention Obb

* Add 'path' and 'list' functionality to OBB commands

* Store hashed filename in loop's lo_crypt_name and keep lo_file_name
  for the real source filename. That way we can recover it later with an
  ioctl call.

Change-Id: I29e468265988bfb931d981532d86d7be7b3adfc8
      508c0e16
  39. 07 Jul, 2010 1 commit
    • Kenny Root's avatar
      Add image mounting commands for OBB files · fb7c4d5a
      Kenny Root authored 
      Allow the mounting of OBB filesystem images if they're encrypted with
twofish and in FAT filesystem format.

Change-Id: I54804e598f46b1f3a784ffe517ebd9d7626de7aa
      fb7c4d5a
  41. 25 Mar, 2010 1 commit
  43. 23 Mar, 2010 1 commit
  45. 17 Mar, 2010 1 commit
  47. 14 Mar, 2010 2 commits
    • San Mehat's avatar
      vold: Fix argument validation for volume commands · 57df7bf3
      San Mehat authored 
      
Change-Id: I74aa63ff9f9bc32bd871e6c53ab50b6baf79e650
Signed-off-by: default avatarSan Mehat <san@google.com>
      57df7bf3
    • San Mehat's avatar
      vold: Bugfixes & cleanups · d9a4e358
      San Mehat authored 
      
  - Fix issue where container-names > 64 bytes were getting truncated in the
    kernel. lo_name is only 64 bytes in length, so we now hash the container
    id via md5
  - Add 'dump' command to dump loop and devicemapper status
  - Add 'debug' command to enable more detailed logging at runtime
  - Log vold IPC arguments (minus encryption keys)
  - Fix premature return from Loop::lookupActive() and friends

Change-Id: I0e833261a445ce9dc1a8187e5501d27daba1ca76
Signed-off-by: default avatarSan Mehat <san@google.com>
      d9a4e358
  49. 02 Mar, 2010 1 commit
  51. 20 Feb, 2010 1 commit
    • San Mehat's avatar
      vold: Stage the mounting of media to hide the ASEC imagefile directory · 3bb6020e
      San Mehat authored 
      
  In order to protect the '/android_secure' directory on VFAT removable media
from being mucked with by 3rd party applications on the device, we hide the
directory with a read-only, zero-sized tmpfs mounted on-top. A reference to the
hidden directory is kept by a bind-mount which is mounted at a location which
only root can access.

Staging consists of:
  1. Mount checked media at a secure location (/mnt/secure/staging)
  2. Ensure /android_secure exists on the media, (creating if it doesnt)
  3. Bind-mount /mnt/secure/staging/android_secure -> /mnt/secure/asec
     (where only root can access it)
  4. Mount an RDONLY zero-sized tmpfs over /mnt/secure/staging/android_secure
  5. Atomically move /mnt/secure/staging to the publicly accessable storage
     directory (/mnt/sdcard)
Signed-off-by: default avatarSan Mehat <san@google.com>
      3bb6020e
  53. 18 Feb, 2010 2 commits
  55. 17 Feb, 2010 1 commit
  57. 04 Feb, 2010 1 commit
    • San Mehat's avatar
      vold: Fix a few bugs · b9aed74b
      San Mehat authored 
      
 - share command was taking wrong arguments
 - shared command was returning two termination codes
 - Force FAT32 cluster size to 4k when formatting
Signed-off-by: default avatarSan Mehat <san@google.com>
      b9aed74b
  59. 03 Feb, 2010 1 commit
  61. 02 Feb, 2010 1 commit
  63. 23 Jan, 2010 1 commit
  65. 18 Jan, 2010 1 commit
  67. 11 Jan, 2010 3 commits
  69. 06 Jan, 2010 1 commit