| eb850f93ab056c05cd949ada794c4dab42027a3c |
|
01-Mar-2018 |
Rubin Xu <rubinxu@google.com> |
Remove secdiscard IPC call
No longer used by the framework, hence removing.
Bug: 62140539
Test: builds
Change-Id: I17b9818ea6121d84223a502949186cf679a83a90
/system/vold/binder/android/os/IVold.aidl
|
| 0fd2626fc3457e4013a9949190c45aa5fb00c5d3 |
|
30-Jan-2018 |
Paul Crowley <paulcrowley@google.com> |
Add a mount with metadata encryption service
Don't use the FDE flow to support metadata encryption; just provide a
vold service which directly mounts the volume and use that.
Bug: 63927601
Test: Boot Taimen to SUW with and without metadata encryption.
Change-Id: Ifc6a012c02c0ea66893020ed1d0da4cba6914aed
/system/vold/binder/android/os/IVold.aidl
|
| 7ee87cfcbef114ef50e15f3f6770cee0fe61890a |
|
22-Dec-2017 |
Paul Lawrence <paullawrence@google.com> |
Remove all references to FDE enable wipe
Bug: 64766105
Test: FBE boots, forceencrypt boots, set pattern, reboots, encryptable
boots and can be encrypted
Change-Id: I8c6dc0acdc37c3a6f1bea28d5607ed8938a4eb0c
/system/vold/binder/android/os/IVold.aidl
|
| 401b2603516a64d3ee7804e270c966828e6b454a |
|
15-Dec-2017 |
Jeff Sharkey <jsharkey@android.com> |
Delay touching disks when secure keyguard showing.
We've tried our best to protect against malicious storage devices
with limited SELinux domains, but let's be even more paranoid and
refuse to look at disks inserted while a secure keyguard is
showing. We'll gladly scan them right away once the user confirms
their credentials.
Test: builds, boots, manual testing
Bug: 68054513
Change-Id: I37fd6c25bbd6631fa4ba3f84e19384d746a22498
/system/vold/binder/android/os/IVold.aidl
|
| a370c14f75e97e131b06662f6bdd4691c4bce0e9 |
|
18-Oct-2017 |
Jin Qian <jinqian@google.com> |
Add functions to handle idle maintenance
runIdleMaint is equivalent with:
1. echo 1 > /sys/fs/f2fs/sdX/gc_urgent
2. wait until /sys/fs/f2fs/sdX/dirty_segments
<= threshold or timeout
3. echo 0 > /sys/fs/f2fs/sdX/gc_urgent
4. fstrim
abortIdleMaint forces the wait loop above to exit and
skips fstrim. However, if fstrim is already running,
abortIdleMaint will just leave it run to completion.
Test: adb shell sm idle-maint [run|abort]
Bug: 67776637
Change-Id: I4adff8d9b6bbd63bce41368cea55dc9e9b117eb6
/system/vold/binder/android/os/IVold.aidl
|
| 2048a2865cfa1f8c794b94eb044854f130943f9c |
|
15-Jun-2017 |
Jeff Sharkey <jsharkey@android.com> |
Test that plaintext can't be read from disk for encrypted files.
Bug: 36029169
Test: tested by hand on Taimen
Change-Id: I5717a8630bb2c8d8fe5c343d519c4e59862ecbdf
/system/vold/binder/android/os/IVold.aidl
|
| 3ce18256a1e2edf830830f066e5ddb4c8203111b |
|
24-Oct-2017 |
Jeff Sharkey <jsharkey@android.com> |
Pass both partition GUID and filesystem UUID.
FDE keys are indexed using the partition GUID, while FBE keys will be
indexed using the filesystem UUID, so pass both of those identifiers
along when forgetting a volume.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Bug: 25861755
Change-Id: I6e239d5ba67a01c9a848d705f6167da00f975924
/system/vold/binder/android/os/IVold.aidl
|
| cbe69fc060d021be972af44904dd76ed1aa2a5a2 |
|
16-Sep-2017 |
Jeff Sharkey <jsharkey@android.com> |
Destroy vold socket interface completely.
Long live Binder.
Test: yes
Bug: 13758960
Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
/system/vold/binder/android/os/IVold.aidl
|
| 52f7a9193479a48c3377fa597191d4dac71f4416 |
|
15-Sep-2017 |
Jeff Sharkey <jsharkey@android.com> |
Move long-running calls to async with listeners.
Now that we're using Binder, we can have callers provide explicit
listeners for every request instead of trying to squeeze them all
into unsolicited socket events.
Move benchmarking to be async to avoid blocking other commands for
up to several minutes. Remove post-trim benchmarking flag, since
benchmarking now requires a separate callback. Will bring back in
a future CL.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Test: adb shell sm fstrim
Bug: 62201209, 13758960
Change-Id: I0f2ebf1ac3b4252ecd6b44303f2887adfdb58e86
/system/vold/binder/android/os/IVold.aidl
|
| 814e9d308e89b721e70025d3469b021b4ff10042 |
|
13-Sep-2017 |
Jeff Sharkey <jsharkey@android.com> |
Move unsolicited vold events to Binder.
Create IVoldListener and move most unsolicited vold events over to
this new interface. The remaining events will be routed through
method-specific listeners instead of a global one.
Move to upstream DISALLOW_COPY_AND_ASSIGN macro.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 13758960
Change-Id: Ib9293487db2d525a76b9b9c2e9ac18d98601c6cf
/system/vold/binder/android/os/IVold.aidl
|
| 83b559ced41c1be0d7a65ba99e179efd79d8d257 |
|
13-Sep-2017 |
Jeff Sharkey <jsharkey@android.com> |
Move all crypto commands over to Binder.
Prefix FDE related commands with "fde" to make it clear which devices
they apply to. This will also make it easier to remove once FDE
is fully deprecated in a future release.
To emulate the single-threaded nature of the old socket, introduce a
lock that is acquired for all encryption related methods.
Sprinkle some "const" around older files to make C++ happy.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 13758960
Change-Id: I0a6ec6e3660bbddc61424c344ff6ac6da953ccf0
/system/vold/binder/android/os/IVold.aidl
|
| 11c2d380a786d9e304416be98881b90b74ff666d |
|
11-Sep-2017 |
Jeff Sharkey <jsharkey@android.com> |
Move even more vold commands over to Binder.
This moves fstrim, obb and appfuse commands over to the new Binder
interface. This change also separates creating/destroying and
mounting/unmounting of OBB volumes, which means they finally flow
nicely into the modern VolumeInfo/VolumeBase design.
We now generate unique identifiers for all OBB volumes, instead of
using a shady MD5 hash.
Change all "loop" and "dm" devices to tag the kernel resources with
a vold-specific prefix so that we can clean them up if vold crashes;
there are new destroyAll() methods that handle this cleanup.
Move appfuse mounting/unmounting into VolumeManager so it can be
shared. Move various model objects into a separate directory to
tidy things up.
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 13758960
Change-Id: I7294e32b3fb6efe07cb3b77bd20166e70b66958f
/system/vold/binder/android/os/IVold.aidl
|
| 9462bdd5125bb5e410292a03aa041895af8f3486 |
|
07-Sep-2017 |
Jeff Sharkey <jsharkey@android.com> |
Move "volume" commands over to Binder.
Keep the old socket-based commands intact for awhile so we can
rapidly disable this change using the ENABLE_BINDER feature flag.
Define constants in AIDL to keep Java and C++ in sync.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.ExternalStorageHostTest
Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Bug: 13758960
Change-Id: I0d6f82cbebe67f671b60949fd727409aeb1fdc0d
/system/vold/binder/android/os/IVold.aidl
|
| 068c6be6227949fbf34389b2d4c023c2031b005f |
|
06-Sep-2017 |
Jeff Sharkey <jsharkey@android.com> |
Start paving the way for vold calls over Binder.
This change is the bare minimum needed to publish a new vold
Binder service and move the simple "reset" call over to go through
the new interface.
Test: builds, boots
Bug: 13758960
Change-Id: I5b70976653c69f92e1efc8d1f432b2038eb618a4
/system/vold/binder/android/os/IVold.aidl
|