87701e2755f039d6ea8c1510dcddf468ee947a62 |
|
18-Sep-2014 |
Ajay Dudani <adudani@codeaurora.org> |
Adding support of dm-req-crypt Currently Android provides disk encryption support using dm-crypt which is based on bios. dm-crypt uses 512 bytes packet size for crypto operations. While 512 bytes size packet is ok for SW based disk encryption, it is inefficient for HW based crypto engines. dm-req-crypt is similar to dm-crypt except it uses block requests rathe bios for crypto operations. block requests when unpacked carries data upto 512KB. Hence, HW based crypto engine can be used more efficiently. Also move create disk encryption key before framework start as HW based disk encryption creates key in secure side. Key creation can take sometime to create the key securely. If framework is started before creating the key, it is possible that framework requests service from secure side. Secure side can serve mostly one request at a time. Secure side may reject framework request if key creation request is still going on. This may cause problem in the system b/17475056 Enable hardware crypto for userdata encryption Change-Id: I5480ab72a37c02532218a18faaba598a824589fd Signed-off-by: Iliyan Malchev <malchev@google.com>
/system/vold/Android.mk
|
e82df164e8128ec9df0072c4a4f3d92e79a0f5f4 |
|
16-Aug-2014 |
Daniel Rosenberg <drosen@google.com> |
Revert "Revert "cryptfs: Added support for f2fs fast encryption"" This reverts commit a70abc60091aed3c3eaf8bc8e1766e233c1c3a2f. Change-Id: Ic41d1924638586cf9b2297f91ed5417f3b0303c6
/system/vold/Android.mk
|
a70abc60091aed3c3eaf8bc8e1766e233c1c3a2f |
|
15-Aug-2014 |
Jim Miller <jaggies@google.com> |
Revert "cryptfs: Added support for f2fs fast encryption" This reverts commit 74c01201dec12b5de43ba0f20a2f38e835cd00af. Change-Id: Ib397a2b5812179ee2e2b68de5d718077563adc1c
/system/vold/Android.mk
|
74c01201dec12b5de43ba0f20a2f38e835cd00af |
|
13-Aug-2014 |
Daniel Rosenberg <drosen@google.com> |
cryptfs: Added support for f2fs fast encryption Bug: 15749466 Change-Id: I25452a05e1cbe90ac6603a89db9b720c7ab17e55 Signed-off-by: Daniel Rosenberg <drosen@google.com>
/system/vold/Android.mk
|
69f4ebd81e22f91a4571763842b5960d95d2758d |
|
14-Apr-2014 |
Paul Lawrence <paullawrence@google.com> |
Add keymaster support to cryptfs Use keymaster to wrap the cryptfs keys. Requires selinux change https://googleplex-android-review.git.corp.google.com/#/c/449411 Bug: 9467042 Change-Id: If25a01cb85ed193a271d61382de0560d85553b7e
/system/vold/Android.mk
|
87999173dd79dbcbd8cb97f5476007e867aaeeba |
|
20-Feb-2014 |
Paul Lawrence <paullawrence@google.com> |
Don't corrupt ssd when encrypting and power fails Stop encryption when battery is low, mark position, and continue on reboot. Note - support for multiple encrypted volumes removed as no devices seem to exist with an fstab that uses this feature. If you want support for such a device, contact me and we will re-add it with appropriate testing. Bug: 13284213 Change-Id: I1f7178e4f7dd8ea816cbc03ab5c4f6543e98acaa
/system/vold/Android.mk
|
4ff7225154ad14a01065b04c49d3ee179ffb6c10 |
|
11-Feb-2014 |
Nick Kralevich <nnk@google.com> |
am ca3593df: am 311edc8c: Merge "Add SELinux restorecon calls on ASEC containers." * commit 'ca3593df3d48cb4b51acf89e6df4872b922fd51d': Add SELinux restorecon calls on ASEC containers.
|
b9e3ba56cb4075f894a73b02ee70571456494ac1 |
|
04-Feb-2014 |
Robert Craig <rpcraig@tycho.ncsc.mil> |
Add SELinux restorecon calls on ASEC containers. This will allow fine-grained labeling of the contents of ASEC containers. Some of the contents need to be world readable and thus should be distinguishable in policy. Change-Id: Iefee74214d664acd262edecbb4f981d633ff96ce Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
/system/vold/Android.mk
|
699bfa411e089aafb697d1ed834f9b4d30c20b09 |
|
24-Jan-2014 |
Colin Cross <ccross@android.com> |
am 8328e815: Merge "vold: remove from include path" * commit '8328e8150f4e7b785785754f2d44794e7bab3577': vold: remove $(KERNEL_HEADERS) from include path
|
23b571bb5704b054d3f27b827246c5399942011e |
|
23-Jan-2014 |
Colin Cross <ccross@android.com> |
vold: remove $(KERNEL_HEADERS) from include path The kernel headers are already in the include path, and manually adding them again will break on a multiarch build, where the kernel headers may be different for each arch. Change-Id: Ifb11fa7bdff6b317c44258968244313b7039a9e1
/system/vold/Android.mk
|
0368cd4355466e4c9d6f502fed8a830cad36e25e |
|
18-Oct-2013 |
Jeff Sharkey <jsharkey@android.com> |
am f4a8c0b9: am 10939ac7: Merge "Extract UUID and label from inserted volumes." into klp-dev * commit 'f4a8c0b9f646cd9fa51fe3746bc8a00bb987124b': Extract UUID and label from inserted volumes.
|
0de365fc0af30ae48c2037e1057f2a813029a618 |
|
17-Oct-2013 |
Jeff Sharkey <jsharkey@android.com> |
Extract UUID and label from inserted volumes. Uses "blkid" tool to extract metadata from an inserted volume, and reports it up to the framework. This needs to happen in vold, since only the FUSE-wrapped volume is visible to userspace. Remove autorun sanitization, since FUSE takes care of this now. Bug: 11175082 Change-Id: Ie69b38011ad6011bfb50e40d4f35a29e02150c19
/system/vold/Android.mk
|
20bab9ffdcfd2b22c2d1ba897df98750ef195e7d |
|
17-Sep-2013 |
Nick Kralevich <nnk@google.com> |
vold: Remove obsolete xwarp support. This code appears to be unused. Delete it. This is essentially a revert of 2350c44ff39b4cb2940893964a05f778fc80a436. Change-Id: I20a525bb49f6ee8fec8c1ec22e01ad47d0c72960
/system/vold/Android.mk
|
5cf759a9c5281d4345c16902171201c07875e555 |
|
15-Aug-2013 |
Ken Sumrall <ksumrall@android.com> |
Use a shared library when building vold A quick fix to a broken build resulted in using a static library to build vold when a shared library was available. This fixes that. Bug: 10332978 Change-Id: I31c2b4a87c7b37647e71f7f3c93b0d64dd52da44
/system/vold/Android.mk
|
c49f0f2f9098bb2c6c43570868b4e090c14a7d23 |
|
07-Aug-2013 |
Geremy Condra <gcondra@google.com> |
Add libext4 and libmincrypt to vold. This accomodates verity changes, which now utilize these libraries. Change-Id: I1ff8c012e972e245cf3e4bc3a02bef0989165d75
/system/vold/Android.mk
|
c4c70f15bb8845b02f9ec1d624794757badd6933 |
|
14-Jun-2013 |
Kenny Root <kroot@google.com> |
Change key derivation to scrypt scrypt is a sequential memory-hard key derivation algorithm that makes it more difficult for adversaries to brute force passwords using specialized equipment. See http://www.tarsnap.com/scrypt/scrypt.pdf for more details of the algorithm. This adds support for initializing disk encryption using scrypt and upgrading from the previous PBKDF2 algorithm. Change-Id: I1d26db4eb9d27fea7310be3e49c8e6219e6d2c3b
/system/vold/Android.mk
|
9caab76c6b5aefdeeb1715a3695491ca793b8c18 |
|
12-Jun-2013 |
Ken Sumrall <ksumrall@android.com> |
vold: Add an optional wipe paramter to the volume format command The new wipe option to the vold format command will invoke BLKDISCARD on the partition before invoking newfs_msdos. This will be used whenever a full wipe of the device is wanted, as this is more secure than just doing newfs_msdos. Bug: 9392982 Change-Id: Ie106f1b9cc70abc61206006d1821641c27c7ccae
/system/vold/Android.mk
|
741a1699b15c628e36e5c26457bd703b11f1e515 |
|
10-Apr-2013 |
Ying Wang <wangying@google.com> |
Add liblog Bug: 8580410 Change-Id: I1a59b45c87cd901b3de52540ad7b670c42ffcbd5
/system/vold/Android.mk
|
b87937cdea689594a293979b30b13054e7455dee |
|
20-Mar-2013 |
Ken Sumrall <ksumrall@android.com> |
Vold: Add the fstrim subsystem to vold The fstrim subsystem implements the dotrim command, which goes through all the writable filesystems on the device, and invokes the FITRIM ioctl() on them. This marks all the unused blocks on the underlying flash device as unused, so the device performs better. Change-Id: I5fc8c2f60e0bc823f162d0f89580fb288ecb2160
/system/vold/Android.mk
|
2ba45aafc22ff2fed91f8cd191beb85578b7b9bc |
|
16-Jan-2013 |
Rom Lemarchand <romlem@google.com> |
Replace custom logwrapper implementation with liblogwrap Use liblogwrap to provide logwrapper functionality instead of using vold's own implementation. Change-Id: I76aac5aa72a1fdca043a63b86c6a9b54e7abec16
/system/vold/Android.mk
|
f0679f0da4970f04e1cb03f4cb0fcde29e3e7098 |
|
02-Apr-2012 |
Ken Sumrall <ksumrall@android.com> |
Changes to encryption to work with the new filesystem manager The new filesystem manager is in charge of mounting the block devices now, removing much of the knowledge from init.<device>.rc. This also let us clean up some init code dealing with encryption, so this change updates vold to work with that. More cleanup is possible, but the main goal of the filesystem manager was to enable e2fsck, not a full cleanup of encryption. Change-Id: I00ea80a923d14770ed8fdd190e8840be195f8514
/system/vold/Android.mk
|
344ca10856f3d3087a3288ce8f91ad83665d93fb |
|
04-Apr-2012 |
Kenny Root <kroot@google.com> |
Add in ext4 support for ASEC containers Now forward locked applications will be in ASEC containers both internal to the system and externally. This change adds support for putting applications in ext4-based ASECs. Change-Id: I8d6765b72dd2606e429c067b47a2dbcaa8bef37d
/system/vold/Android.mk
|
9713ed463917f193823c7c6ecf1c7cb2a1ae9fcc |
|
23-Feb-2012 |
Nick Kralevich <nnk@google.com> |
vold: add -Werror=format Stop format string bugs from creeping into root level processes. Change-Id: Ifa19ac0cacba76392040ab16cebe557b5b016706
/system/vold/Android.mk
|
ea89f53387dc6451f6e2afc82b4c4bede5be6dc6 |
|
12-Jul-2011 |
Jeff Brown <jeffbrown@google.com> |
Remove the simulator target from all makefiles. Bug: 5010576 Change-Id: I7e531101ae057fb059d7d56c99433c4d66e866dc
/system/vold/Android.mk
|
5d4c68e40700424b65a4331be75620706a0dd49c |
|
31-Jan-2011 |
Ken Sumrall <ksumrall@android.com> |
Have vold grab a partial wakelock when encrypting The Progress bar UI grabs a full wakelock when encrypting, but we've seen a case where it looks like the progress bar UI crashes, and the wakelock is lost, and then all hell breaks loose. The enablecrypto command has a lot of work to do, and it will take some time, so it should grab a wakelock to ensure it can finish without being interrupted and put to sleep. It grabs a partial wake lock, as it doesn't need the screen to be on to do its work. If the UI wants to keep it on, it should also grab a full wakelock, which it does. If the UI crashes, the screen may turn off, but the encryption will keep going, and vold will reboot the device when it's done. Change-Id: I51d3a72b8c77383044a3facb1604c1ee510733ae
/system/vold/Android.mk
|
3ed8236de11a1be8b45d4c37b2208682f5e97c72 |
|
29-Jan-2011 |
Ken Sumrall <ksumrall@android.com> |
Don't try to encrypt in place a filesystem that is too large and return proper errors If the already existing filesystem encompasses the entire /data partition and does not leave the last 16 Kbytes for the crypto footer, refuse to do encrypt in place and return an error. This is only an issue for folks with early development systems trying to encrypt an old /data. This should not be seen in released devices. Also, if there is an error, try to report back to the UI what the error was so it can deal with it. Change-Id: If66781a4fe03034c96c3dd12075240deb8663db0
/system/vold/Android.mk
|
8f869aa1bc685b505c58e97b4e11a9c7491a16f9 |
|
03-Dec-2010 |
Ken Sumrall <ksumrall@android.com> |
Support for encrypting /data on Stingray. There are still a few hacks and performance issues related to shutting down the framework in this code, but it is functional and tested. Without the UI changes, it requires cryptic adb shell commands to enable, which I shall not utter here. Change-Id: I0b8f90afd707e17fbdb0373d156236946633cf8b
/system/vold/Android.mk
|
acc9e7dcca8978fc809fa5b4d9b819c515a980ff |
|
19-Jun-2010 |
Kenny Root <kroot@google.com> |
Change ASCII conversion for hash and add tests Hash was printed using snprintf(), but we can just write yet another hex conversion utility! Change-Id: I04f1992deaf5bf1b3e2751c8f07072f8ed6660e9
/system/vold/Android.mk
|
7b18a7b36f61574c0f0bdde0a7409dc36676fa12 |
|
15-Mar-2010 |
Kenny Root <kroot@google.com> |
vold: Convert to use OpenSSL MD5 API Change-Id: I9b84370fa9a98464c211ebe8983be8dbe9dd7ccd
/system/vold/Android.mk
|
befd59c152835b815665ec3c5e453b55e70d5f0b |
|
15-Mar-2010 |
San Mehat <san@google.com> |
vold: remove some dead code Change-Id: Iaeb5d3334ec22ed31da9734bb8d7cd17e6a40eaf Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
d9a4e358614a0c5f60cc76c0636ee4bb02004a32 |
|
12-Mar-2010 |
San Mehat <san@google.com> |
vold: Bugfixes & cleanups - Fix issue where container-names > 64 bytes were getting truncated in the kernel. lo_name is only 64 bytes in length, so we now hash the container id via md5 - Add 'dump' command to dump loop and devicemapper status - Add 'debug' command to enable more detailed logging at runtime - Log vold IPC arguments (minus encryption keys) - Fix premature return from Loop::lookupActive() and friends Change-Id: I0e833261a445ce9dc1a8187e5501d27daba1ca76 Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
2a5b8ce09b8836a8463ef9beaaff865c36ca5e6a |
|
10-Mar-2010 |
San Mehat <san@google.com> |
vold: Switch to using libdiskconfig for partition setup. Also handles an issue where NPARTS=0 on a disk change uevent Change-Id: I77c56f177dc65df91468bbd7d5fe1889db414d7a Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
2350c44ff39b4cb2940893964a05f778fc80a436 |
|
02-Mar-2010 |
San Mehat <san@google.com> |
vold: Add support for xwarp Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
8f2875b29780312f4edda3d831cc8a99e1648dd5 |
|
18-Feb-2010 |
San Mehat <san@google.com> |
vold: Clean up asec command response and add support for 'StorageBusy' Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
586536c60b773e3517531ad8a6cb0de6722c67fc |
|
17-Feb-2010 |
San Mehat <san@google.com> |
vold: Refactor Processkiller and add command to return users of a mount point Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
b78a32c1d5eeb243bdac0eaf18effb1897f1ee67 |
|
10-Jan-2010 |
San Mehat <san@google.com> |
vold: Add encrypted ASEC support via devmapper - Supports up to 4096 containers - Keys are now implemented - specifying a key of 'none' means no encryption. Otherwise, the key must be a string of 32 characters Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
1bc9558895dbb38b2103345ab90016f318c37bff |
|
07-Jan-2010 |
Doug Kwan <dougkwan@google.com> |
Add missing library used by the main executable in linker options. Currently the library is implicit added via inter-library dependency.
/system/vold/Android.mk
|
a19b250bd273455933ca3502cf2c2e0a803aff77 |
|
06-Jan-2010 |
San Mehat <san@google.com> |
vold2: Initial support for Android Secure External Caches Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
bf04185c88161f13118b9975cdff7967d49a4fa0 |
|
04-Jan-2010 |
San Mehat <san@google.com> |
vold2: Refactor FAT support into a separate class Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
11f78c181e6afe024427be2b7a530280cd4b64e1 |
|
03-Jan-2010 |
San Mehat <san@google.com> |
vold2: Don't build for simulator Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
a1c2ca1c70e52cccb7e63f4be8d7127b22afc0e5 |
|
21-Dec-2009 |
San Mehat <san@google.com> |
vold2: Enable in build Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
a2677e4ad01f250b0765f04adf0acfa6627efc98 |
|
13-Dec-2009 |
San Mehat <san@google.com> |
vold2: Get mounting/unmounting/formatting/sharing working Signed-off-by: San Mehat <san@google.com>
/system/vold/Android.mk
|
49e2bce5b74129c26a35e25d4693cbfe98c4688e |
|
13-Oct-2009 |
San Mehat <san@android.com> |
vold2: Wire up more of the mount function Signed-off-by: San Mehat <san@android.com>
/system/vold/Android.mk
|
ae10b91044bf76b40b77d81c169e48e0bbdf6d75 |
|
12-Oct-2009 |
San Mehat <san@android.com> |
vold2: Rename DeviceVolume -> DirectVolume Signed-off-by: San Mehat <san@android.com>
/system/vold/Android.mk
|
f1b736bc5605e92e917ab27f5abf3ba839be2270 |
|
11-Oct-2009 |
San Mehat <san@android.com> |
system: vold2: Initial skeleton for vold2. Let there be light. Signed-off-by: San Mehat <san@android.com>
/system/vold/Android.mk
|