GitLab

Make sure asec names only contain alphanumeric, underscores,
dots, or dashes. Don't allow double dots.

Bug: 12504045

(cherry picked from commit 66962609)

Change-Id: Ia9d04f373aa95878b2e81584c4167dc2d4aa0c78

Any ASEC or OBB files were unmounted when USB storage was set to UMS
mode. This changes it so only ASEC files on external storage and OBB
files mounted from external storage are unmounted.

(Cherry-pick of 93ecb38d)

Bug: 6948035
Change-Id: Ib60727bd360caa32173797ff5b4e1e21fcf20054

Now that forward locked apps are stored on /data as asec image files
that are mounted, they need to be unmounted before /data can be unmounted
so it can be encrypted.

Change-Id: I7c87deb52aaed21c8ad8ce8aceb7c15c2338620a

There appears to be a race condition from when the device mapper is
asked to create a device and when it actually appears. When we moved
ASECs to use Ext4, mount started winning the race more often.

Just insert a sleep-retry loop here to counter-act this race. We should
ideally look at the uevent replies, but it takes a bit more effort to
separate them out.

Change-Id: Ie8a5b36b1c9a26f2320a178d37312059d03a1281

When calling System.loadLibrary(), it needs to be able to read the
directory to load the file. We could probably fix that, but changing
permissions here is faster.

Bug: 6478606
Change-Id: I296b0805839da5a19950157f9a16755a4d258ca8

Traversal would mark directories with the correct permissions, but
they're visited again in post-order which is a different fts_info flag.
Then it would set that to regular file permissions.

Explicitly check to make sure we're looking at a file instead.

Bug: 6478606
Change-Id: I13cab3e69f451da6a994fa974d575ef366f82025

The new filesystem manager is in charge of mounting the block devices now,
removing much of the knowledge from init.<device>.rc.  This also let us
clean up some init code dealing with encryption, so this change updates
vold to work with that.  More cleanup is possible, but the main goal of the
filesystem manager was to enable e2fsck, not a full cleanup of encryption.

Change-Id: I00ea80a923d14770ed8fdd190e8840be195f8514

Change-Id: I1e6bfcc6b0a5be47e6fd19922fc81669f61b5dba

Now forward locked applications will be in ASEC containers both internal
to the system and externally.

This change adds support for putting applications in ext4-based ASECs.

Change-Id: I8d6765b72dd2606e429c067b47a2dbcaa8bef37d

empty merge with -s ours

Change-Id: I4c7d6fb13e175af819cab784704e08e9189f6739

NativeConnectorDaemon was changed to use an optional sequence number,
and most services were changed to require it.  Now that vold requires
a sequence number, vdc must provide one.

Change-Id: Ibdff9878faf19eae25525221c80bcb5e5f87cfea

Change-Id: I8f62287d1b60d8eef72d1dfc64be5c3d56e9f498

Support multiple commands on a single socket via command numbers.
NativeDaemonConnector has been changed, so we need to use it here
too.

bug:5864209
Change-Id: Ie06e966d50057d122a958377731c0385ea367b69

Stop format string bugs from creeping into root level processes.

Change-Id: Ifa19ac0cacba76392040ab16cebe557b5b016706

Needed for headless devices that need to recover with no user intervention

Bug: 5556856

Change-Id: I0f85591df513a6893324fb057bde114ac1df044b
Signed-off-by: Mike Lockwood <lockwood@google.com>

Needed for headless devices that need to recover with no user intervention

Bug: 5556856

Change-Id: Iabe5d68599259b14626bfcf45e6697d81b866101
Signed-off-by: Mike Lockwood <lockwood@google.com>

If there is filesystem damage on a non-encrypted device, and /data is not
mountable, and if the device stores the keys in a file on a different
partition (like on Crespo) then, vold would return an error which caused
the crypto UI to present an option to the user to wipe the device because
it assumed encryption had failed.  This fixes it to not do that.

Change-Id: Ibff6299787b45768416dbc4052de7db3b140b808

* commit '8c487331':
  Rename LOG() to ALOG()  DO NOT MERGE

See https://android-git.corp.google.com/g/#/c/141576

Bug: 5449033
Change-Id: Icc1c76abe506d53c07c7c3db526c6fa05f73988b

This vold command returns 0 if the given password matches the password
used to decrypt the device on boot.  It returns 1 if they don't match,
and it returns -1 on an internal error, and -2 if the device is not encrypted.

Also check the uid of the sender of the command and only allow the root and
system users to issue cryptfs commands.

Change-Id: I5e5ae3b72a2d7814ae68c2d49aa9deb90fb1dac5

If a raw block is specified for key storage, do not try to force the size
of the file to 16 Kbytes when writing the keys, and do not complain if
the size is not 16 Kbytes when reading the keys.  Only do them if the
keyfile is a regular file.

Change-Id: I4de1cb7c3614479d93289d4f2767ca6ce1bbbc73

Add the force_and_revert option to the unmount command which will force
the unmount, and revert a crypto mapping.  This is used during factory
reset so that when the internal sdcard volume is formatted, it formats
the raw device, not the encrypted mapping.

Change-Id: I36b6ff9bb54863b121de635472a303bf4a2334a9

Change-Id: Ia9383258bc25f7a82628a1c7238140b810e2f3d3

* commit '6c190fd3':
  Avoid array overrun. We can now mount the /sdcard partition on our boot sdcards

* commit '137858b4':
  Avoid array overrun. We can now mount the /sdcard partition on our boot sdcards

Change-Id: I108a0c32efb5add1fec41bfe76f041971801d48d

Bug: 5010576

Change-Id: I7e531101ae057fb059d7d56c99433c4d66e866dc

Mounting was already not allowed, but also unshare before starting
encryption, and don't allow sharing or formatting to be initiated
during encrytion.

Change-Id: Ida188d81f025739ba4dd90492b3e66088735991e

Forgot to include the size of the userdata partition when computing
the total size of vold managed volumes to encrypt.

Change-Id: I237548439d4380b4225ffbc603fa972c3b1c5bae