authorPaul Crowley <paulcrowley@google.com>2019-08-26 10:30:54 -0700
committerPaul Crowley <paulcrowley@google.com>2019-08-26 10:30:54 -0700
commit6081ef90e2d6d6070f550d72a56f1c945c0e41fb (patch)
treecb963424c83fdf6a99b5ea545924b0f38eb63700 /libfscrypt
parent4c350ec37ef76d2de0cfbf1d5da95efafd1e4906 (diff)
Move fscrypt_init_extensions into system/core
Bug: 140027478 Test: treehugger Change-Id: I296ce6d1272816c237e1ad213fbdef9f6fafb44f
Diffstat (limited to 'libfscrypt')
-rw-r--r--libfscrypt/Android.bp1
-rw-r--r--libfscrypt/fscrypt_init_extensions.cpp194
-rw-r--r--libfscrypt/include/fscrypt/fscrypt_init_extensions.h33
3 files changed, 0 insertions, 228 deletions
diff --git a/libfscrypt/Android.bp b/libfscrypt/Android.bp
index cca38235..65b94ed9 100644
--- a/libfscrypt/Android.bp
+++ b/libfscrypt/Android.bp
@@ -5,7 +5,6 @@ cc_library {
recovery_available: true,
srcs: [
"fscrypt.cpp",
- "fscrypt_init_extensions.cpp",
],
export_include_dirs: ["include"],
shared_libs: [
diff --git a/libfscrypt/fscrypt_init_extensions.cpp b/libfscrypt/fscrypt_init_extensions.cpp
deleted file mode 100644
index 964ead65..00000000
--- a/libfscrypt/fscrypt_init_extensions.cpp
+++ /dev/null
@@ -1,194 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "fscrypt/fscrypt_init_extensions.h"
-
-#include <android-base/file.h>
-#include <android-base/logging.h>
-#include <android-base/stringprintf.h>
-#include <android-base/strings.h>
-#include <cutils/properties.h>
-#include <cutils/sockets.h>
-#include <dirent.h>
-#include <errno.h>
-#include <fts.h>
-#include <keyutils.h>
-#include <logwrap/logwrap.h>
-#include <sys/mount.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include <string>
-#include <vector>
-
-#include "fscrypt/fscrypt.h"
-
-#define TAG "fscrypt"
-
-static int set_system_de_policy_on(char const* dir);
-
-int fscrypt_install_keyring()
-{
- key_serial_t device_keyring = add_key("keyring", "fscrypt", 0, 0,
- KEY_SPEC_SESSION_KEYRING);
-
- if (device_keyring == -1) {
- PLOG(ERROR) << "Failed to create keyring";
- return -1;
- }
-
- LOG(INFO) << "Keyring created with id " << device_keyring << " in process " << getpid();
-
- return 0;
-}
-
-// TODO(b/139378601): use a single central implementation of this.
-static void delete_dir_contents(const char* dir) {
- char* const paths[2] = {const_cast<char*>(dir), nullptr};
- FTS* fts = fts_open(paths, FTS_PHYSICAL | FTS_NOCHDIR | FTS_XDEV, nullptr);
- FTSENT* cur;
- while ((cur = fts_read(fts)) != nullptr) {
- if (cur->fts_info == FTS_ERR) {
- PLOG(ERROR) << "fts_read";
- break;
- }
- if (strcmp(dir, cur->fts_path) == 0) {
- continue;
- }
- switch (cur->fts_info) {
- case FTS_D:
- break; // Ignore these
- case FTS_DP:
- if (rmdir(cur->fts_path) == -1) {
- PLOG(ERROR) << "rmdir " << cur->fts_path;
- }
- break;
- default:
- PLOG(ERROR) << "FTS unexpected type " << cur->fts_info << " at " << cur->fts_path;
- if (rmdir(cur->fts_path) != -1) break;
- // FALLTHRU (for gcc, lint, pcc, etc; and following for clang)
- FALLTHROUGH_INTENDED;
- case FTS_F:
- case FTS_SL:
- case FTS_SLNONE:
- if (unlink(cur->fts_path) == -1) {
- PLOG(ERROR) << "unlink " << cur->fts_path;
- }
- break;
- }
- }
-
- if (fts_close(fts) != 0) {
- PLOG(ERROR) << "fts_close";
- }
-}
-
-int fscrypt_set_directory_policy(const char* dir)
-{
- const std::string prefix = "/data/";
-
- if (!dir || strncmp(dir, prefix.c_str(), prefix.size())) {
- return 0;
- }
-
- // Special-case /data/media/obb per b/64566063
- if (strcmp(dir, "/data/media/obb") == 0) {
- // Try to set policy on this directory, but if it is non-empty this may fail.
- set_system_de_policy_on(dir);
- return 0;
- }
-
- // Only set policy on first level /data directories
- // To make this less restrictive, consider using a policy file.
- // However this is overkill for as long as the policy is simply
- // to apply a global policy to all /data folders created via makedir
- if (strchr(dir + prefix.size(), '/')) {
- return 0;
- }
-
- // Special case various directories that must not be encrypted,
- // often because their subdirectories must be encrypted.
- // This isn't a nice way to do this, see b/26641735
- std::vector<std::string> directories_to_exclude = {
- "lost+found",
- "system_ce", "system_de",
- "misc_ce", "misc_de",
- "vendor_ce", "vendor_de",
- "media",
- "data", "user", "user_de",
- "apex", "preloads", "app-staging",
- "gsi",
- };
- for (const auto& d: directories_to_exclude) {
- if ((prefix + d) == dir) {
- LOG(INFO) << "Not setting policy on " << dir;
- return 0;
- }
- }
- int err = set_system_de_policy_on(dir);
- if (err == 0) {
- return 0;
- }
- // Empty these directories if policy setting fails.
- std::vector<std::string> wipe_on_failure = {
- "rollback", "rollback-observer", // b/139193659
- };
- for (const auto& d : wipe_on_failure) {
- if ((prefix + d) == dir) {
- LOG(ERROR) << "Setting policy failed, deleting: " << dir;
- delete_dir_contents(dir);
- err = set_system_de_policy_on(dir);
- break;
- }
- }
- return err;
-}
-
-static int set_system_de_policy_on(char const* dir) {
- std::string ref_filename = std::string("/data") + fscrypt_key_ref;
- std::string policy;
- if (!android::base::ReadFileToString(ref_filename, &policy)) {
- LOG(ERROR) << "Unable to read system policy to set on " << dir;
- return -1;
- }
-
- auto type_filename = std::string("/data") + fscrypt_key_mode;
- std::string modestring;
- if (!android::base::ReadFileToString(type_filename, &modestring)) {
- LOG(ERROR) << "Cannot read mode";
- }
-
- std::vector<std::string> modes = android::base::Split(modestring, ":");
-
- if (modes.size() < 1 || modes.size() > 2) {
- LOG(ERROR) << "Invalid encryption mode string: " << modestring;
- return -1;
- }
-
- LOG(INFO) << "Setting policy on " << dir;
- int result = fscrypt_policy_ensure(dir, policy.c_str(), policy.length(),
- modes[0].c_str(),
- modes.size() >= 2 ?
- modes[1].c_str() : "aes-256-cts");
- if (result) {
- LOG(ERROR) << android::base::StringPrintf(
- "Setting %02x%02x%02x%02x policy on %s failed!",
- policy[0], policy[1], policy[2], policy[3], dir);
- return -1;
- }
-
- return 0;
-}
diff --git a/libfscrypt/include/fscrypt/fscrypt_init_extensions.h b/libfscrypt/include/fscrypt/fscrypt_init_extensions.h
deleted file mode 100644
index 2b6c46e1..00000000
--- a/libfscrypt/include/fscrypt/fscrypt_init_extensions.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _FSCRYPT_INIT_EXTENSIONS_H_
-#define _FSCRYPT_INIT_EXTENSIONS_H_
-
-#include <sys/cdefs.h>
-#include <stdbool.h>
-#include <cutils/multiuser.h>
-
-__BEGIN_DECLS
-
-// These functions assume they are being called from init
-// They will not operate properly outside of init
-int fscrypt_install_keyring();
-int fscrypt_set_directory_policy(const char* path);
-
-__END_DECLS
-
-#endif // _FSCRYPT_INIT_EXTENSIONS_H_