Commits · beb33a67e1b1298417690c6bb00170f8fed74881 · halo / system_vold

12 Jul, 2016 2 commits

Run secdiscard on encrypted key and key blob too · beb33a67

Paul Crowley authored 8 years ago

Don't rely on cryptographic binding of secdiscard to key; securely
delete the other information needed to reconstruct the key too.

Bug: 26021231
Change-Id: If03d2c051b0ec2fdcb5c6f70bde7e3287424f216

beb33a67

Zero out blocks if BLKSECDISCARD fails · 2143ee8d

Paul Crowley authored 8 years ago

On a device where we can't BLKSECDISCARD sectors, we "overwrite" them
with zeroes. This changes the FTL to remap those sectors to new
locations.  With this done, the old contents are accessible only given
a compromise of flash firmware or a die level attack.

Bug: 26021231
Change-Id: Ia065921389886fac1ba456c19c138187237c2561

2143ee8d

22 Jun, 2016 1 commit

Stop dropping caches now we have kernel fix · 6abe6831

Paul Lawrence authored 8 years ago

Only merge once

https://partner-android-review.googlesource.com/#/c/619829/1

has been merged into kernel.

Bug: 28779973
Change-Id: Icef78d1e4381e89e07797c36f6f650033d313557

6abe6831

27 May, 2016 1 commit
- Set encryption mode in mode file · 6e410597
  Paul Lawrence authored 9 years ago
```
Bug: 28905864
Change-Id: Ie2a5c3e029075d53a86ef3afb7fe364c16d8d52b
```
  6e410597
23 May, 2016 1 commit
- Revert "Add fileencrypted=software/ice to fstab options" · 3ae29e77
  Paul Lawrence authored 9 years ago
```
This reverts commit 01f1bc72.

Bug: 28905864
Change-Id: I489f5d073530438829038630af7af6b2a5cbdbbe
```
  3ae29e77
18 May, 2016 1 commit

Two phases to set the password for disk encryption · 8fd77a05

Paul Crowley authored 9 years ago

am: a363036b

* commit 'a363036b':
  Two phases to set the password for disk encryption

Change-Id: Ia28823079d8c0bda220238339f28095b234a0ae5

8fd77a05

17 May, 2016 1 commit

Two phases to set the password for disk encryption · a363036b

Paul Crowley authored 9 years ago

Revert "Revert "Two phases to set the password for disk encryption""

This reverts commit d4023892.

In addition, fix the bug in the original commit.

Bug: 28154455
Bug: 28694324
Change-Id: I885f1d73e739416347c135d79979941c2bbdbe62

a363036b

11 May, 2016 1 commit
- Add fileencrypted=software/ice to fstab options · 01f1bc72
  Paul Lawrence authored 9 years ago
```
Bug: 28616054
Change-Id: If3fddd62f069c7e3e8369a1db68e69c390059d63
```
  01f1bc72
10 May, 2016 5 commits
- Merge "e4crypt_is_native has been moved into system/extras." into nyc-dev · 44ddebaa
  Paul Crowley authored 9 years ago
```
am: cfa03d4a

* commit 'cfa03d4a':
  e4crypt_is_native has been moved into system/extras.

Change-Id: I345475c44fb2d8812a25c9f2195c748cddc55bfe
```
  44ddebaa
- Merge "e4crypt_is_native has been moved into system/extras." into nyc-dev · cfa03d4a
  Paul Crowley authored 9 years ago
  
  cfa03d4a
- Revert "Two phases to set the password for disk encryption" · 26642bf7
  Paul Crowley authored 9 years ago
```
am: d4023892

* commit 'd4023892':
  Revert "Two phases to set the password for disk encryption"

Change-Id: I53a3804fc7bff9c99840aeee36fc4b7ff8e46ac1
```
  26642bf7
- Revert "Two phases to set the password for disk encryption" · d4023892
  Paul Crowley authored 9 years ago
```
This reverts commit 92c5eeb4.

Bug: 28694324
Change-Id: Ibbbaff287f4dd28f4a13e122a3617987a8875a44
```
  d4023892
- e4crypt_is_native has been moved into system/extras. · 4d2d5244
  Paul Crowley authored 9 years ago
```
Bug: 28318405
Change-Id: Id962764cf7fb5f58b769bf99aeb6d3d69cb66991
```
  4d2d5244
09 May, 2016 1 commit

Two phases to set the password for disk encryption · 4e44272c

Paul Crowley authored 9 years ago

am: 92c5eeb4

* commit '92c5eeb4':
  Two phases to set the password for disk encryption

Change-Id: I82c1cfa2874ac4709e42f5c2047c832cbcaccb91

4e44272c

06 May, 2016 1 commit

Two phases to set the password for disk encryption · 92c5eeb4

Paul Crowley authored 9 years ago

In one phase, we make the new password work, and in the second we make
it the only one which works ("fixation"). This means that we can set
the password in Gatekeeper between these two phases, and a crash
doesn't break things. Unlocking a user automatically fixates the
presented credential.

Bug: 28154455
Change-Id: I54623c8652f0c9f72dd60388a7dc0ab2d48e81c7

92c5eeb4

29 Apr, 2016 2 commits
- Merge "Drop caches after installing key policy to avoid cache clashes" into nyc-mr1-dev · 235e78b9
  Paul Lawrence authored 9 years ago
  
  235e78b9
- Drop caches after installing key policy to avoid cache clashes · 85e3d8cd
  Paul Lawrence authored 9 years ago
```
Note that this is an ugly workaround for a kernel bug.

Bug: 28373400
Change-Id: Iec1ae53f4e18f06e41e8cf1fcc3ab03fc9848632
```
  85e3d8cd
27 Apr, 2016 2 commits

Use a longer timeout on the disk encryption keys · 26335ed3

Paul Crowley authored 9 years ago

am: b3de337a

* commit 'b3de337a':
  Use a longer timeout on the disk encryption keys

Change-Id: Ieadec9da13383361ac76bf6b79ecea948965a1d9

26335ed3

Use a longer timeout on the disk encryption keys · b3de337a

Paul Crowley authored 9 years ago

Avoid a timeout error by extending the time allowed between getting
the auth token and decrypting the key from five to thirty seconds.

Bug: 28398766
Change-Id: I1dbb9e0e33707e7de4c1720ad1b8e153c77094b2

b3de337a

25 Apr, 2016 4 commits
- Merge "Unmount public sdcard filesystems before killing the fuse process." into nyc-dev · a54cd873
  John Cormie authored 9 years ago
```
am: a4330beb

* commit 'a4330beb':
  Unmount public sdcard filesystems before killing the fuse process.

Change-Id: I294d46bb27fb6d8ac83f1041e849fd366134b6ee
```
  a54cd873
- Merge "Unmount public sdcard filesystems before killing the fuse process." into nyc-dev · a4330beb
  John Cormie authored 9 years ago
  
  a4330beb
- Merge "Move vold (and sdcard childs) to foreground cpuset." into nyc-dev · 05f1d813
  Martijn Coenen authored 9 years ago
```
am: 47ff14ad

* commit '47ff14ad':
  Move vold (and sdcard childs) to foreground cpuset.

Change-Id: I2d539472902f0f2ce33bbfe767f93b9bf91856ce
```
  05f1d813
- Merge "Move vold (and sdcard childs) to foreground cpuset." into nyc-dev · 47ff14ad
  Martijn Coenen authored 9 years ago
  
  47ff14ad
19 Apr, 2016 3 commits
- Unmount public sdcard filesystems before killing the fuse process. · 25cc7e3c
  John Cormie authored 9 years ago
```
Avoids ENOTCONN during eject for sdcard users.

Change-Id: I7b89ccaad4bb7af3639dc0b702168030a2f88366
Bug: 28268676
```
  25cc7e3c
- Merge "Don\'t start defaultcrypto twice" into nyc-dev · c771d208
  Paul Lawrence authored 9 years ago
```
am: 0264d8ff

* commit '0264d8ff':
  Don't start defaultcrypto twice

Change-Id: I39951628d41f656901658cd82a56298ef9f663ec
```
  c771d208
- Merge "Don't start defaultcrypto twice" into nyc-dev · 0264d8ff
  Paul Lawrence authored 9 years ago
  
  0264d8ff
18 Apr, 2016 2 commits

Don't start defaultcrypto twice · 84274cc3

Paul Lawrence authored 9 years ago

The old way (using triggers) starts defaultcrypto twice because
queue_property_triggers_action retriggers the action.

Bug: 27452459

Change-Id: I715d5441f8ae0b820b680f6a75f51694c4420992

84274cc3

Consistent creation/destruction of user data. · 30b0a1fc

Jeff Sharkey authored 9 years ago

am: be70c9ae

* commit 'be70c9ae':
  Consistent creation/destruction of user data.

Change-Id: I55f4fe88a8c02d019fa92028e6ad358fc0f75aeb

30b0a1fc

15 Apr, 2016 2 commits

Consistent creation/destruction of user data. · be70c9ae

Jeff Sharkey authored 9 years ago

Preparing and destroying users currently needs to be split across
installd, system_server, and vold, since no single party has all the
required SELinux permissions.

Bug: 27896918, 25861755
Change-Id: Ieec14ccacfc7a3a5ab00df47ace7318feb900c38

be70c9ae

Move vold (and sdcard childs) to foreground cpuset. · 624ec66b
Martijn Coenen authored 9 years ago
```
Bug: 24949295
Change-Id: I7118a374db90ede517a92f72763d624b9a234ea7
```
624ec66b

08 Apr, 2016 1 commit
- Merge "vold: write bootloader message directly." into nyc-dev · cbedcc30
  Yabin Cui authored 9 years ago
  
  cbedcc30
07 Apr, 2016 2 commits
- Add log flag for verbose AppFuse log for nyc-dev. · 2d6555f3
  Daichi Hirono authored 9 years ago
```
Change-Id: I60ca596e32f8668ae5895e671d92c4978ede6314
Fixed: 28055420
```
  2d6555f3
- vold: write bootloader message directly. · ffa2e099
  Yabin Cui authored 9 years ago
```
Bug: 27176738
Change-Id: I09bfe777e383325809d7ecc2dcb9129fe234053f
```
  ffa2e099
31 Mar, 2016 1 commit
- Kill apps using PublicVolume when unmounting. · 8aff854b
  Jeff Sharkey authored 9 years ago
```
Bug: 24863778
Change-Id: I86a482c6de78afe2e09ca91165000e1b10a42058
```
  8aff854b
29 Mar, 2016 1 commit

Don't fail if the CE key isn't loaded in destroy_user_key · 71ee662e

Paul Crowley authored 9 years ago

Users don't have to be unlocked to be deleted, so don't worry if we
don't have their key to evict.

Bug: 26847403
Bug: 27441228
Change-Id: Ifd93f620926630aa102a3bb4a5d2d45d34f9b75d

71ee662e

17 Mar, 2016 1 commit
- Support Keymaster2 with lots of clever template logic :) · 0323afd6
  Paul Crowley authored 9 years ago
```
Bug: 27718275
Change-Id: I0b2aa74f45fd07a121ce0c342b27426a3fe593ce
```
  0323afd6
11 Mar, 2016 3 commits
- Fix some static analyser issues · 300dae7c
  Paul Lawrence authored 9 years ago
```
Bug: 27099772
Change-Id: Ic96777edf4ea282be2b8f53525226396c01e023c
```
  300dae7c
- Merge "Make sure encryption type is set on first boot" into nyc-dev · 439034b8
  Paul Lawrence authored 9 years ago
  
  439034b8
- Merge "Print size as unsigned when sending to framework." into nyc-dev · f84fe907
  Jeff Sharkey authored 9 years ago
  
  f84fe907
10 Mar, 2016 1 commit
- Make sure encryption type is set on first boot · 4ed4526e
  Paul Lawrence authored 9 years ago
```
Bug: 27599622
Change-Id: I2f38c03941ac8cdba40baf7421132f572866e296
```
  4ed4526e