Skip to content

GitLab

Switch branch/tag
  1. 09 Mar, 2016 1 commit
  3. 09 Feb, 2016 2 commits
  5. 08 Feb, 2016 1 commit
    • Paul Crowley's avatar
      Password security for FBE disk encryption keys · 05720808
      Paul Crowley authored 
      Added a new call change_user_key which changes the way that disk
encryption keys are protected; a key can now be protected with a
combination of an auth token and a secret which is a hashed password.
Both of these are passed to unlock_user_key.

This change introduces a security bug, b/26948053, which must be fixed
before we ship.

Bug: 22950892
Change-Id: Iac1e45bb6f86f2af5c472c70a0fe3228b02115bf
      05720808
  7. 05 Feb, 2016 1 commit
    • Jeff Sharkey's avatar
      Allow callers to prepare CE/DE user storage. · 47695b29
      Jeff Sharkey authored 
      Give callers the option of preparing CE and/or DE storage.  The
framework will only prepare CE storage after the CE keys have been
unlocked for that user.

When init is calling enablecrypto, kick off the work in a thread so
that we can make other calls back into vold without causing
deadlock.  Leaves blocking call intact for framework callers.

Clean up 'vdc' tool to send useful transaction numbers, and
actually watch for the matching result to come back.  This fixes
race conditions when there are multiple 'vdc' callers.

Also add other system and misc directories to match spec.

Bug: 25796509
Change-Id: Ie4f853db6e387916b845d2b5fb92925d743b063d
      47695b29
  9. 03 Feb, 2016 1 commit
  11. 02 Feb, 2016 1 commit
  13. 01 Feb, 2016 1 commit
  15. 20 Jan, 2016 1 commit
    • Paul Crowley's avatar
      Rework FBE crypto to match the N way of doing things · 285956fe
      Paul Crowley authored 
      Major rework and refactor of FBE code to load the keys at the right
time and in a natural way. The old code was aimed at our goals for M,
with patches on top, and didn't quite work.

Bug: 22358539

Change-Id: I9bf7a0a86ee3f2abf0edbd5966f93efac2474c2c
      285956fe
  17. 11 Dec, 2015 1 commit
  19. 10 Dec, 2015 1 commit
  21. 09 Dec, 2015 1 commit
  23. 08 Dec, 2015 1 commit
  25. 10 Nov, 2015 1 commit
    • Jeff Sharkey's avatar
      New granular encryption commands for framework. · d2c96e78
      Jeff Sharkey authored 
      We now have separate methods for key creation/destruction and
unlocking/locking.  Key unlocking can pass through an opaque token,
but it's left empty for now.

Extend user storage setup to also create system_ce and user_de
paths.  Bring over some path generation logic from installd.

Use strong type checking on user arguments.

Bug: 22358539
Change-Id: I00ba15c7b10dd682640b3f082feade4fb7cbbb5d
      d2c96e78
  27. 13 Jul, 2015 2 commits
  29. 03 Jun, 2015 1 commit
  31. 29 May, 2015 3 commits
  33. 13 May, 2015 1 commit
  35. 06 May, 2015 1 commit
  37. 01 May, 2015 1 commit
  39. 28 Apr, 2015 2 commits
  41. 27 Apr, 2015 1 commit