Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2012 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Mattias Nissler | 097b6bb | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 17 | #include <ctype.h> |
| 18 | #include <dirent.h> |
| 19 | #include <errno.h> |
| 20 | #include <fcntl.h> |
| 21 | #include <libgen.h> |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 22 | #include <stdio.h> |
| 23 | #include <stdlib.h> |
| 24 | #include <string.h> |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 25 | #include <sys/mount.h> |
| 26 | #include <sys/stat.h> |
Mattias Nissler | 097b6bb | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 27 | #include <sys/swap.h> |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 28 | #include <sys/types.h> |
| 29 | #include <sys/wait.h> |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 30 | #include <time.h> |
Mattias Nissler | 097b6bb | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 31 | #include <unistd.h> |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 32 | |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 33 | #include <cutils/android_reboot.h> |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 34 | #include <cutils/partition_utils.h> |
| 35 | #include <cutils/properties.h> |
Tao Bao | 6d881d6 | 2016-10-05 17:53:30 -0700 | [diff] [blame] | 36 | #include <ext4_utils/ext4.h> |
| 37 | #include <ext4_utils/ext4_crypt_init_extensions.h> |
| 38 | #include <ext4_utils/ext4_sb.h> |
| 39 | #include <ext4_utils/ext4_utils.h> |
| 40 | #include <ext4_utils/wipe.h> |
Mattias Nissler | 097b6bb | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 41 | #include <linux/loop.h> |
Ken Sumrall | bf021b4 | 2013-03-19 19:38:44 -0700 | [diff] [blame] | 42 | #include <logwrap/logwrap.h> |
Mattias Nissler | 097b6bb | 2016-03-31 16:32:09 +0200 | [diff] [blame] | 43 | #include <private/android_filesystem_config.h> |
Geremy Condra | 3ad3d1c | 2013-02-22 18:11:41 -0800 | [diff] [blame] | 44 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 45 | #include "fs_mgr_priv.h" |
Geremy Condra | 3ad3d1c | 2013-02-22 18:11:41 -0800 | [diff] [blame] | 46 | #include "fs_mgr_priv_verity.h" |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 47 | |
| 48 | #define KEY_LOC_PROP "ro.crypto.keyfile.userdata" |
| 49 | #define KEY_IN_FOOTER "footer" |
| 50 | |
| 51 | #define E2FSCK_BIN "/system/bin/e2fsck" |
JP Abgrall | 1235158 | 2014-06-17 17:01:14 -0700 | [diff] [blame] | 52 | #define F2FS_FSCK_BIN "/system/bin/fsck.f2fs" |
Ken Sumrall | 5bc31a2 | 2013-07-08 19:11:55 -0700 | [diff] [blame] | 53 | #define MKSWAP_BIN "/system/bin/mkswap" |
| 54 | |
Ken Sumrall | 4eaf905 | 2013-09-18 17:49:21 -0700 | [diff] [blame] | 55 | #define FSCK_LOG_FILE "/dev/fscklogs/log" |
| 56 | |
Ken Sumrall | 5bc31a2 | 2013-07-08 19:11:55 -0700 | [diff] [blame] | 57 | #define ZRAM_CONF_DEV "/sys/block/zram0/disksize" |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 58 | |
Ken Sumrall | bf021b4 | 2013-03-19 19:38:44 -0700 | [diff] [blame] | 59 | #define ARRAY_SIZE(a) (sizeof(a) / sizeof(*(a))) |
| 60 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 61 | /* |
| 62 | * gettime() - returns the time in seconds of the system's monotonic clock or |
| 63 | * zero on error. |
| 64 | */ |
| 65 | static time_t gettime(void) |
| 66 | { |
| 67 | struct timespec ts; |
| 68 | int ret; |
| 69 | |
| 70 | ret = clock_gettime(CLOCK_MONOTONIC, &ts); |
| 71 | if (ret < 0) { |
| 72 | ERROR("clock_gettime(CLOCK_MONOTONIC) failed: %s\n", strerror(errno)); |
| 73 | return 0; |
| 74 | } |
| 75 | |
| 76 | return ts.tv_sec; |
| 77 | } |
| 78 | |
| 79 | static int wait_for_file(const char *filename, int timeout) |
| 80 | { |
| 81 | struct stat info; |
| 82 | time_t timeout_time = gettime() + timeout; |
| 83 | int ret = -1; |
| 84 | |
| 85 | while (gettime() < timeout_time && ((ret = stat(filename, &info)) < 0)) |
| 86 | usleep(10000); |
| 87 | |
| 88 | return ret; |
| 89 | } |
| 90 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 91 | static void check_fs(char *blk_device, char *fs_type, char *target) |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 92 | { |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 93 | int status; |
Ken Sumrall | 5dc5bfe | 2012-07-23 19:34:00 -0700 | [diff] [blame] | 94 | int ret; |
| 95 | long tmpmnt_flags = MS_NOATIME | MS_NOEXEC | MS_NOSUID; |
Oreste Salerno | 6ed84c9 | 2015-05-20 17:01:39 +0000 | [diff] [blame] | 96 | char tmpmnt_opts[64] = "errors=remount-ro"; |
Ken Sumrall | bf021b4 | 2013-03-19 19:38:44 -0700 | [diff] [blame] | 97 | char *e2fsck_argv[] = { |
| 98 | E2FSCK_BIN, |
Robb Glasser | 3fb176c | 2016-04-05 18:43:37 +0000 | [diff] [blame] | 99 | "-f", |
Ken Sumrall | bf021b4 | 2013-03-19 19:38:44 -0700 | [diff] [blame] | 100 | "-y", |
| 101 | blk_device |
| 102 | }; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 103 | |
| 104 | /* Check for the types of filesystems we know how to check */ |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 105 | if (!strcmp(fs_type, "ext2") || !strcmp(fs_type, "ext3") || !strcmp(fs_type, "ext4")) { |
Ken Sumrall | 5dc5bfe | 2012-07-23 19:34:00 -0700 | [diff] [blame] | 106 | /* |
| 107 | * First try to mount and unmount the filesystem. We do this because |
| 108 | * the kernel is more efficient than e2fsck in running the journal and |
| 109 | * processing orphaned inodes, and on at least one device with a |
| 110 | * performance issue in the emmc firmware, it can take e2fsck 2.5 minutes |
| 111 | * to do what the kernel does in about a second. |
| 112 | * |
| 113 | * After mounting and unmounting the filesystem, run e2fsck, and if an |
| 114 | * error is recorded in the filesystem superblock, e2fsck will do a full |
| 115 | * check. Otherwise, it does nothing. If the kernel cannot mount the |
| 116 | * filesytsem due to an error, e2fsck is still run to do a full check |
| 117 | * fix the filesystem. |
| 118 | */ |
Elliott Hughes | 5e7dd44 | 2015-04-24 11:05:48 -0700 | [diff] [blame] | 119 | errno = 0; |
Oreste Salerno | 6ed84c9 | 2015-05-20 17:01:39 +0000 | [diff] [blame] | 120 | if (!strcmp(fs_type, "ext4")) { |
| 121 | // This option is only valid with ext4 |
| 122 | strlcat(tmpmnt_opts, ",nomblk_io_submit", sizeof(tmpmnt_opts)); |
| 123 | } |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 124 | ret = mount(blk_device, target, fs_type, tmpmnt_flags, tmpmnt_opts); |
Elliott Hughes | 5e7dd44 | 2015-04-24 11:05:48 -0700 | [diff] [blame] | 125 | INFO("%s(): mount(%s,%s,%s)=%d: %s\n", |
| 126 | __func__, blk_device, target, fs_type, ret, strerror(errno)); |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 127 | if (!ret) { |
Nick Kralevich | 7294eb6 | 2015-02-05 16:02:42 -0800 | [diff] [blame] | 128 | int i; |
| 129 | for (i = 0; i < 5; i++) { |
| 130 | // Try to umount 5 times before continuing on. |
| 131 | // Should we try rebooting if all attempts fail? |
| 132 | int result = umount(target); |
| 133 | if (result == 0) { |
Elliott Hughes | 5e7dd44 | 2015-04-24 11:05:48 -0700 | [diff] [blame] | 134 | INFO("%s(): unmount(%s) succeeded\n", __func__, target); |
Nick Kralevich | 7294eb6 | 2015-02-05 16:02:42 -0800 | [diff] [blame] | 135 | break; |
| 136 | } |
| 137 | ERROR("%s(): umount(%s)=%d: %s\n", __func__, target, result, strerror(errno)); |
| 138 | sleep(1); |
| 139 | } |
Ken Sumrall | 5dc5bfe | 2012-07-23 19:34:00 -0700 | [diff] [blame] | 140 | } |
| 141 | |
David 'Digit' Turner | 28483d7 | 2014-02-17 11:14:44 +0100 | [diff] [blame] | 142 | /* |
| 143 | * Some system images do not have e2fsck for licensing reasons |
| 144 | * (e.g. recent SDK system images). Detect these and skip the check. |
| 145 | */ |
| 146 | if (access(E2FSCK_BIN, X_OK)) { |
| 147 | INFO("Not running %s on %s (executable not in system image)\n", |
| 148 | E2FSCK_BIN, blk_device); |
| 149 | } else { |
| 150 | INFO("Running %s on %s\n", E2FSCK_BIN, blk_device); |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 151 | |
David 'Digit' Turner | 28483d7 | 2014-02-17 11:14:44 +0100 | [diff] [blame] | 152 | ret = android_fork_execvp_ext(ARRAY_SIZE(e2fsck_argv), e2fsck_argv, |
Yusuke Sato | d81c3c6 | 2015-08-14 01:22:53 -0700 | [diff] [blame] | 153 | &status, true, LOG_KLOG | LOG_FILE, |
| 154 | true, FSCK_LOG_FILE, NULL, 0); |
Ken Sumrall | bf021b4 | 2013-03-19 19:38:44 -0700 | [diff] [blame] | 155 | |
David 'Digit' Turner | 28483d7 | 2014-02-17 11:14:44 +0100 | [diff] [blame] | 156 | if (ret < 0) { |
| 157 | /* No need to check for error in fork, we can't really handle it now */ |
| 158 | ERROR("Failed trying to run %s\n", E2FSCK_BIN); |
| 159 | } |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 160 | } |
JP Abgrall | 1235158 | 2014-06-17 17:01:14 -0700 | [diff] [blame] | 161 | } else if (!strcmp(fs_type, "f2fs")) { |
| 162 | char *f2fs_fsck_argv[] = { |
| 163 | F2FS_FSCK_BIN, |
Yusuke Sato | 0df0827 | 2015-07-08 14:57:07 -0700 | [diff] [blame] | 164 | "-a", |
JP Abgrall | 1235158 | 2014-06-17 17:01:14 -0700 | [diff] [blame] | 165 | blk_device |
| 166 | }; |
Yusuke Sato | 0df0827 | 2015-07-08 14:57:07 -0700 | [diff] [blame] | 167 | INFO("Running %s -a %s\n", F2FS_FSCK_BIN, blk_device); |
JP Abgrall | 1235158 | 2014-06-17 17:01:14 -0700 | [diff] [blame] | 168 | |
| 169 | ret = android_fork_execvp_ext(ARRAY_SIZE(f2fs_fsck_argv), f2fs_fsck_argv, |
| 170 | &status, true, LOG_KLOG | LOG_FILE, |
Yusuke Sato | d81c3c6 | 2015-08-14 01:22:53 -0700 | [diff] [blame] | 171 | true, FSCK_LOG_FILE, NULL, 0); |
JP Abgrall | 1235158 | 2014-06-17 17:01:14 -0700 | [diff] [blame] | 172 | if (ret < 0) { |
| 173 | /* No need to check for error in fork, we can't really handle it now */ |
| 174 | ERROR("Failed trying to run %s\n", F2FS_FSCK_BIN); |
| 175 | } |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 176 | } |
| 177 | |
| 178 | return; |
| 179 | } |
| 180 | |
| 181 | static void remove_trailing_slashes(char *n) |
| 182 | { |
| 183 | int len; |
| 184 | |
| 185 | len = strlen(n) - 1; |
| 186 | while ((*(n + len) == '/') && len) { |
| 187 | *(n + len) = '\0'; |
| 188 | len--; |
| 189 | } |
| 190 | } |
| 191 | |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 192 | /* |
| 193 | * Mark the given block device as read-only, using the BLKROSET ioctl. |
| 194 | * Return 0 on success, and -1 on error. |
| 195 | */ |
Sami Tolvanen | 214f33b | 2014-12-18 16:15:30 +0000 | [diff] [blame] | 196 | int fs_mgr_set_blk_ro(const char *blockdev) |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 197 | { |
| 198 | int fd; |
Sami Tolvanen | 214f33b | 2014-12-18 16:15:30 +0000 | [diff] [blame] | 199 | int rc = -1; |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 200 | int ON = 1; |
| 201 | |
Sami Tolvanen | 214f33b | 2014-12-18 16:15:30 +0000 | [diff] [blame] | 202 | fd = TEMP_FAILURE_RETRY(open(blockdev, O_RDONLY | O_CLOEXEC)); |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 203 | if (fd < 0) { |
| 204 | // should never happen |
Sami Tolvanen | 214f33b | 2014-12-18 16:15:30 +0000 | [diff] [blame] | 205 | return rc; |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 206 | } |
| 207 | |
Sami Tolvanen | 214f33b | 2014-12-18 16:15:30 +0000 | [diff] [blame] | 208 | rc = ioctl(fd, BLKROSET, &ON); |
Elliott Hughes | 9fc8343 | 2015-05-15 19:16:40 -0700 | [diff] [blame] | 209 | close(fd); |
Sami Tolvanen | 214f33b | 2014-12-18 16:15:30 +0000 | [diff] [blame] | 210 | |
| 211 | return rc; |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 212 | } |
| 213 | |
| 214 | /* |
| 215 | * __mount(): wrapper around the mount() system call which also |
| 216 | * sets the underlying block device to read-only if the mount is read-only. |
| 217 | * See "man 2 mount" for return values. |
| 218 | */ |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 219 | static int __mount(const char *source, const char *target, const struct fstab_rec *rec) |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 220 | { |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 221 | unsigned long mountflags = rec->flags; |
| 222 | int ret; |
| 223 | int save_errno; |
Daniel Rosenberg | f67d6bd | 2014-06-26 14:55:04 -0700 | [diff] [blame] | 224 | |
| 225 | /* We need this because sometimes we have legacy symlinks |
| 226 | * that are lingering around and need cleaning up. |
| 227 | */ |
| 228 | struct stat info; |
| 229 | if (!lstat(target, &info)) |
| 230 | if ((info.st_mode & S_IFMT) == S_IFLNK) |
| 231 | unlink(target); |
Daniel Rosenberg | f530c93 | 2014-05-28 14:10:01 -0700 | [diff] [blame] | 232 | mkdir(target, 0755); |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 233 | ret = mount(source, target, rec->fs_type, mountflags, rec->fs_options); |
| 234 | save_errno = errno; |
| 235 | INFO("%s(source=%s,target=%s,type=%s)=%d\n", __func__, source, target, rec->fs_type, ret); |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 236 | if ((ret == 0) && (mountflags & MS_RDONLY) != 0) { |
Sami Tolvanen | 214f33b | 2014-12-18 16:15:30 +0000 | [diff] [blame] | 237 | fs_mgr_set_blk_ro(source); |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 238 | } |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 239 | errno = save_errno; |
Nick Kralevich | e18c0d5 | 2013-04-16 16:41:32 -0700 | [diff] [blame] | 240 | return ret; |
| 241 | } |
| 242 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 243 | static int fs_match(char *in1, char *in2) |
| 244 | { |
| 245 | char *n1; |
| 246 | char *n2; |
| 247 | int ret; |
| 248 | |
| 249 | n1 = strdup(in1); |
| 250 | n2 = strdup(in2); |
| 251 | |
| 252 | remove_trailing_slashes(n1); |
| 253 | remove_trailing_slashes(n2); |
| 254 | |
| 255 | ret = !strcmp(n1, n2); |
| 256 | |
| 257 | free(n1); |
| 258 | free(n2); |
| 259 | |
| 260 | return ret; |
| 261 | } |
| 262 | |
Geremy Condra | cd642fc | 2014-04-02 13:42:06 -0700 | [diff] [blame] | 263 | static int device_is_debuggable() { |
| 264 | int ret = -1; |
| 265 | char value[PROP_VALUE_MAX]; |
| 266 | ret = __system_property_get("ro.debuggable", value); |
| 267 | if (ret < 0) |
| 268 | return ret; |
| 269 | return strcmp(value, "1") ? 0 : 1; |
| 270 | } |
| 271 | |
Paul Lawrence | bbb3631 | 2014-10-09 14:22:49 +0000 | [diff] [blame] | 272 | static int device_is_secure() { |
| 273 | int ret = -1; |
| 274 | char value[PROP_VALUE_MAX]; |
| 275 | ret = __system_property_get("ro.secure", value); |
| 276 | /* If error, we want to fail secure */ |
| 277 | if (ret < 0) |
| 278 | return 1; |
| 279 | return strcmp(value, "0") ? 1 : 0; |
| 280 | } |
| 281 | |
Paul Lawrence | 703b87d | 2015-01-07 11:44:51 -0800 | [diff] [blame] | 282 | static int device_is_force_encrypted() { |
| 283 | int ret = -1; |
| 284 | char value[PROP_VALUE_MAX]; |
| 285 | ret = __system_property_get("ro.vold.forceencryption", value); |
| 286 | if (ret < 0) |
| 287 | return 0; |
| 288 | return strcmp(value, "1") ? 0 : 1; |
| 289 | } |
| 290 | |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 291 | /* |
| 292 | * Tries to mount any of the consecutive fstab entries that match |
| 293 | * the mountpoint of the one given by fstab->recs[start_idx]. |
| 294 | * |
| 295 | * end_idx: On return, will be the last rec that was looked at. |
| 296 | * attempted_idx: On return, will indicate which fstab rec |
| 297 | * succeeded. In case of failure, it will be the start_idx. |
| 298 | * Returns |
| 299 | * -1 on failure with errno set to match the 1st mount failure. |
| 300 | * 0 on success. |
| 301 | */ |
| 302 | static int mount_with_alternatives(struct fstab *fstab, int start_idx, int *end_idx, int *attempted_idx) |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 303 | { |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 304 | int i; |
| 305 | int mount_errno = 0; |
| 306 | int mounted = 0; |
| 307 | |
| 308 | if (!end_idx || !attempted_idx || start_idx >= fstab->num_entries) { |
| 309 | errno = EINVAL; |
| 310 | if (end_idx) *end_idx = start_idx; |
| 311 | if (attempted_idx) *end_idx = start_idx; |
| 312 | return -1; |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 313 | } |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 314 | |
| 315 | /* Hunt down an fstab entry for the same mount point that might succeed */ |
| 316 | for (i = start_idx; |
| 317 | /* We required that fstab entries for the same mountpoint be consecutive */ |
| 318 | i < fstab->num_entries && !strcmp(fstab->recs[start_idx].mount_point, fstab->recs[i].mount_point); |
| 319 | i++) { |
| 320 | /* |
| 321 | * Don't try to mount/encrypt the same mount point again. |
| 322 | * Deal with alternate entries for the same point which are required to be all following |
| 323 | * each other. |
| 324 | */ |
| 325 | if (mounted) { |
| 326 | ERROR("%s(): skipping fstab dup mountpoint=%s rec[%d].fs_type=%s already mounted as %s.\n", __func__, |
| 327 | fstab->recs[i].mount_point, i, fstab->recs[i].fs_type, fstab->recs[*attempted_idx].fs_type); |
| 328 | continue; |
| 329 | } |
| 330 | |
| 331 | if (fstab->recs[i].fs_mgr_flags & MF_CHECK) { |
| 332 | check_fs(fstab->recs[i].blk_device, fstab->recs[i].fs_type, |
| 333 | fstab->recs[i].mount_point); |
| 334 | } |
| 335 | if (!__mount(fstab->recs[i].blk_device, fstab->recs[i].mount_point, &fstab->recs[i])) { |
| 336 | *attempted_idx = i; |
| 337 | mounted = 1; |
| 338 | if (i != start_idx) { |
| 339 | ERROR("%s(): Mounted %s on %s with fs_type=%s instead of %s\n", __func__, |
| 340 | fstab->recs[i].blk_device, fstab->recs[i].mount_point, fstab->recs[i].fs_type, |
| 341 | fstab->recs[start_idx].fs_type); |
| 342 | } |
| 343 | } else { |
| 344 | /* back up errno for crypto decisions */ |
| 345 | mount_errno = errno; |
| 346 | } |
| 347 | } |
| 348 | |
| 349 | /* Adjust i for the case where it was still withing the recs[] */ |
| 350 | if (i < fstab->num_entries) --i; |
| 351 | |
| 352 | *end_idx = i; |
| 353 | if (!mounted) { |
| 354 | *attempted_idx = start_idx; |
| 355 | errno = mount_errno; |
| 356 | return -1; |
| 357 | } |
| 358 | return 0; |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 359 | } |
| 360 | |
Christoffer Dall | 8298234 | 2014-12-17 21:26:54 +0100 | [diff] [blame] | 361 | static int translate_ext_labels(struct fstab_rec *rec) |
| 362 | { |
| 363 | DIR *blockdir = NULL; |
| 364 | struct dirent *ent; |
| 365 | char *label; |
| 366 | size_t label_len; |
| 367 | int ret = -1; |
| 368 | |
| 369 | if (strncmp(rec->blk_device, "LABEL=", 6)) |
| 370 | return 0; |
| 371 | |
| 372 | label = rec->blk_device + 6; |
| 373 | label_len = strlen(label); |
| 374 | |
| 375 | if (label_len > 16) { |
| 376 | ERROR("FS label is longer than allowed by filesystem\n"); |
| 377 | goto out; |
| 378 | } |
| 379 | |
| 380 | |
| 381 | blockdir = opendir("/dev/block"); |
| 382 | if (!blockdir) { |
| 383 | ERROR("couldn't open /dev/block\n"); |
| 384 | goto out; |
| 385 | } |
| 386 | |
| 387 | while ((ent = readdir(blockdir))) { |
| 388 | int fd; |
| 389 | char super_buf[1024]; |
| 390 | struct ext4_super_block *sb; |
| 391 | |
| 392 | if (ent->d_type != DT_BLK) |
| 393 | continue; |
| 394 | |
| 395 | fd = openat(dirfd(blockdir), ent->d_name, O_RDONLY); |
| 396 | if (fd < 0) { |
| 397 | ERROR("Cannot open block device /dev/block/%s\n", ent->d_name); |
| 398 | goto out; |
| 399 | } |
| 400 | |
| 401 | if (TEMP_FAILURE_RETRY(lseek(fd, 1024, SEEK_SET)) < 0 || |
| 402 | TEMP_FAILURE_RETRY(read(fd, super_buf, 1024)) != 1024) { |
| 403 | /* Probably a loopback device or something else without a readable |
| 404 | * superblock. |
| 405 | */ |
| 406 | close(fd); |
| 407 | continue; |
| 408 | } |
| 409 | |
| 410 | sb = (struct ext4_super_block *)super_buf; |
| 411 | if (sb->s_magic != EXT4_SUPER_MAGIC) { |
| 412 | INFO("/dev/block/%s not ext{234}\n", ent->d_name); |
| 413 | continue; |
| 414 | } |
| 415 | |
| 416 | if (!strncmp(label, sb->s_volume_name, label_len)) { |
| 417 | char *new_blk_device; |
| 418 | |
| 419 | if (asprintf(&new_blk_device, "/dev/block/%s", ent->d_name) < 0) { |
| 420 | ERROR("Could not allocate block device string\n"); |
| 421 | goto out; |
| 422 | } |
| 423 | |
| 424 | INFO("resolved label %s to %s\n", rec->blk_device, new_blk_device); |
| 425 | |
| 426 | free(rec->blk_device); |
| 427 | rec->blk_device = new_blk_device; |
| 428 | ret = 0; |
| 429 | break; |
| 430 | } |
| 431 | } |
| 432 | |
| 433 | out: |
| 434 | closedir(blockdir); |
| 435 | return ret; |
| 436 | } |
| 437 | |
Paul Crowley | c31f1f3 | 2016-02-09 21:05:01 +0000 | [diff] [blame] | 438 | static bool needs_block_encryption(const struct fstab_rec* rec) |
| 439 | { |
| 440 | if (device_is_force_encrypted() && fs_mgr_is_encryptable(rec)) return true; |
| 441 | if (rec->fs_mgr_flags & MF_FORCECRYPT) return true; |
| 442 | if (rec->fs_mgr_flags & MF_CRYPT) { |
| 443 | /* Check for existence of convert_fde breadcrumb file */ |
| 444 | char convert_fde_name[PATH_MAX]; |
| 445 | snprintf(convert_fde_name, sizeof(convert_fde_name), |
| 446 | "%s/misc/vold/convert_fde", rec->mount_point); |
| 447 | if (access(convert_fde_name, F_OK) == 0) return true; |
| 448 | } |
| 449 | if (rec->fs_mgr_flags & MF_FORCEFDEORFBE) { |
| 450 | /* Check for absence of convert_fbe breadcrumb file */ |
| 451 | char convert_fbe_name[PATH_MAX]; |
| 452 | snprintf(convert_fbe_name, sizeof(convert_fbe_name), |
| 453 | "%s/convert_fbe", rec->mount_point); |
| 454 | if (access(convert_fbe_name, F_OK) != 0) return true; |
| 455 | } |
| 456 | return false; |
| 457 | } |
| 458 | |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 459 | // Check to see if a mountable volume has encryption requirements |
Paul Lawrence | 6908018 | 2016-02-02 10:31:30 -0800 | [diff] [blame] | 460 | static int handle_encryptable(const struct fstab_rec* rec) |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 461 | { |
| 462 | /* If this is block encryptable, need to trigger encryption */ |
Paul Crowley | c31f1f3 | 2016-02-09 21:05:01 +0000 | [diff] [blame] | 463 | if (needs_block_encryption(rec)) { |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 464 | if (umount(rec->mount_point) == 0) { |
| 465 | return FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION; |
| 466 | } else { |
| 467 | WARNING("Could not umount %s (%s) - allow continue unencrypted\n", |
| 468 | rec->mount_point, strerror(errno)); |
| 469 | return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED; |
| 470 | } |
Paul Crowley | c31f1f3 | 2016-02-09 21:05:01 +0000 | [diff] [blame] | 471 | } else if (rec->fs_mgr_flags & (MF_FILEENCRYPTION | MF_FORCEFDEORFBE)) { |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 472 | // Deal with file level encryption |
Paul Lawrence | 6908018 | 2016-02-02 10:31:30 -0800 | [diff] [blame] | 473 | INFO("%s is file encrypted\n", rec->mount_point); |
| 474 | return FS_MGR_MNTALL_DEV_FILE_ENCRYPTED; |
Paul Lawrence | 1098aac | 2016-03-04 15:52:33 -0800 | [diff] [blame] | 475 | } else if (fs_mgr_is_encryptable(rec)) { |
Paul Crowley | c31f1f3 | 2016-02-09 21:05:01 +0000 | [diff] [blame] | 476 | return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED; |
Paul Lawrence | 1098aac | 2016-03-04 15:52:33 -0800 | [diff] [blame] | 477 | } else { |
| 478 | return FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE; |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 479 | } |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 480 | } |
| 481 | |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 482 | /* When multiple fstab records share the same mount_point, it will |
| 483 | * try to mount each one in turn, and ignore any duplicates after a |
| 484 | * first successful mount. |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 485 | * Returns -1 on error, and FS_MGR_MNTALL_* otherwise. |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 486 | */ |
Wei Wang | 254f443 | 2016-08-23 11:58:09 -0700 | [diff] [blame] | 487 | int fs_mgr_mount_all(struct fstab *fstab, int mount_mode) |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 488 | { |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 489 | int i = 0; |
Paul Lawrence | 1098aac | 2016-03-04 15:52:33 -0800 | [diff] [blame] | 490 | int encryptable = FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE; |
Mohamad Ayyash | 38afe5f | 2014-03-10 15:40:29 -0700 | [diff] [blame] | 491 | int error_count = 0; |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 492 | int mret = -1; |
| 493 | int mount_errno = 0; |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 494 | int attempted_idx = -1; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 495 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 496 | if (!fstab) { |
Mohamad Ayyash | 38afe5f | 2014-03-10 15:40:29 -0700 | [diff] [blame] | 497 | return -1; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 498 | } |
| 499 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 500 | for (i = 0; i < fstab->num_entries; i++) { |
Wei Wang | 254f443 | 2016-08-23 11:58:09 -0700 | [diff] [blame] | 501 | /* Don't mount entries that are managed by vold or not for the mount mode*/ |
| 502 | if ((fstab->recs[i].fs_mgr_flags & (MF_VOLDMANAGED | MF_RECOVERYONLY)) || |
| 503 | ((mount_mode == MOUNT_MODE_LATE) && !fs_mgr_is_latemount(&fstab->recs[i])) || |
| 504 | ((mount_mode == MOUNT_MODE_EARLY) && fs_mgr_is_latemount(&fstab->recs[i]))) { |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 505 | continue; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 506 | } |
| 507 | |
Ken Sumrall | 5bc31a2 | 2013-07-08 19:11:55 -0700 | [diff] [blame] | 508 | /* Skip swap and raw partition entries such as boot, recovery, etc */ |
| 509 | if (!strcmp(fstab->recs[i].fs_type, "swap") || |
| 510 | !strcmp(fstab->recs[i].fs_type, "emmc") || |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 511 | !strcmp(fstab->recs[i].fs_type, "mtd")) { |
| 512 | continue; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 513 | } |
| 514 | |
Daniel Rosenberg | 31a4faf | 2015-06-29 17:33:05 -0700 | [diff] [blame] | 515 | /* Skip mounting the root partition, as it will already have been mounted */ |
| 516 | if (!strcmp(fstab->recs[i].mount_point, "/")) { |
| 517 | if ((fstab->recs[i].fs_mgr_flags & MS_RDONLY) != 0) { |
| 518 | fs_mgr_set_blk_ro(fstab->recs[i].blk_device); |
| 519 | } |
| 520 | continue; |
| 521 | } |
| 522 | |
Christoffer Dall | 8298234 | 2014-12-17 21:26:54 +0100 | [diff] [blame] | 523 | /* Translate LABEL= file system labels into block devices */ |
| 524 | if (!strcmp(fstab->recs[i].fs_type, "ext2") || |
| 525 | !strcmp(fstab->recs[i].fs_type, "ext3") || |
| 526 | !strcmp(fstab->recs[i].fs_type, "ext4")) { |
| 527 | int tret = translate_ext_labels(&fstab->recs[i]); |
| 528 | if (tret < 0) { |
| 529 | ERROR("Could not translate label to block device\n"); |
| 530 | continue; |
| 531 | } |
| 532 | } |
| 533 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 534 | if (fstab->recs[i].fs_mgr_flags & MF_WAIT) { |
| 535 | wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT); |
| 536 | } |
| 537 | |
Paul Lawrence | bbb3631 | 2014-10-09 14:22:49 +0000 | [diff] [blame] | 538 | if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) { |
| 539 | int rc = fs_mgr_setup_verity(&fstab->recs[i]); |
| 540 | if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) { |
| 541 | INFO("Verity disabled"); |
| 542 | } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) { |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 543 | ERROR("Could not set up verified partition, skipping!\n"); |
Geremy Condra | 3ad3d1c | 2013-02-22 18:11:41 -0800 | [diff] [blame] | 544 | continue; |
| 545 | } |
| 546 | } |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 547 | int last_idx_inspected; |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 548 | int top_idx = i; |
| 549 | |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 550 | mret = mount_with_alternatives(fstab, i, &last_idx_inspected, &attempted_idx); |
| 551 | i = last_idx_inspected; |
| 552 | mount_errno = errno; |
JP Abgrall | f786fe5 | 2014-06-18 07:28:14 +0000 | [diff] [blame] | 553 | |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 554 | /* Deal with encryptability. */ |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 555 | if (!mret) { |
Paul Lawrence | 6908018 | 2016-02-02 10:31:30 -0800 | [diff] [blame] | 556 | int status = handle_encryptable(&fstab->recs[attempted_idx]); |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 557 | |
| 558 | if (status == FS_MGR_MNTALL_FAIL) { |
| 559 | /* Fatal error - no point continuing */ |
| 560 | return status; |
Paul Lawrence | 166fa3d | 2014-02-03 13:27:49 -0800 | [diff] [blame] | 561 | } |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 562 | |
Paul Lawrence | 1098aac | 2016-03-04 15:52:33 -0800 | [diff] [blame] | 563 | if (status != FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) { |
| 564 | if (encryptable != FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) { |
Paul Lawrence | b8c9d27 | 2015-03-26 15:49:42 +0000 | [diff] [blame] | 565 | // Log and continue |
| 566 | ERROR("Only one encryptable/encrypted partition supported\n"); |
| 567 | } |
| 568 | encryptable = status; |
| 569 | } |
| 570 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 571 | /* Success! Go get the next one */ |
| 572 | continue; |
| 573 | } |
| 574 | |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 575 | /* mount(2) returned an error, handle the encryptable/formattable case */ |
| 576 | bool wiped = partition_wiped(fstab->recs[top_idx].blk_device); |
Chuanxiao Dong | d78dff1 | 2016-03-08 15:54:55 +0100 | [diff] [blame] | 577 | bool crypt_footer = false; |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 578 | if (mret && mount_errno != EBUSY && mount_errno != EACCES && |
| 579 | fs_mgr_is_formattable(&fstab->recs[top_idx]) && wiped) { |
| 580 | /* top_idx and attempted_idx point at the same partition, but sometimes |
| 581 | * at two different lines in the fstab. Use the top one for formatting |
| 582 | * as that is the preferred one. |
| 583 | */ |
| 584 | ERROR("%s(): %s is wiped and %s %s is formattable. Format it.\n", __func__, |
| 585 | fstab->recs[top_idx].blk_device, fstab->recs[top_idx].mount_point, |
| 586 | fstab->recs[top_idx].fs_type); |
| 587 | if (fs_mgr_is_encryptable(&fstab->recs[top_idx]) && |
| 588 | strcmp(fstab->recs[top_idx].key_loc, KEY_IN_FOOTER)) { |
George Burgess IV | e7aa2b2 | 2016-03-02 14:02:55 -0800 | [diff] [blame] | 589 | int fd = open(fstab->recs[top_idx].key_loc, O_WRONLY); |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 590 | if (fd >= 0) { |
| 591 | INFO("%s(): also wipe %s\n", __func__, fstab->recs[top_idx].key_loc); |
| 592 | wipe_block_device(fd, get_file_size(fd)); |
| 593 | close(fd); |
| 594 | } else { |
| 595 | ERROR("%s(): %s wouldn't open (%s)\n", __func__, |
| 596 | fstab->recs[top_idx].key_loc, strerror(errno)); |
| 597 | } |
Chuanxiao Dong | d78dff1 | 2016-03-08 15:54:55 +0100 | [diff] [blame] | 598 | } else if (fs_mgr_is_encryptable(&fstab->recs[top_idx]) && |
| 599 | !strcmp(fstab->recs[top_idx].key_loc, KEY_IN_FOOTER)) { |
| 600 | crypt_footer = true; |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 601 | } |
Chuanxiao Dong | d78dff1 | 2016-03-08 15:54:55 +0100 | [diff] [blame] | 602 | if (fs_mgr_do_format(&fstab->recs[top_idx], crypt_footer) == 0) { |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 603 | /* Let's replay the mount actions. */ |
| 604 | i = top_idx - 1; |
| 605 | continue; |
Matthew Bouyack | 9c59cbc | 2016-05-02 15:55:30 -0700 | [diff] [blame] | 606 | } else { |
| 607 | ERROR("%s(): Format failed. Suggest recovery...\n", __func__); |
| 608 | encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY; |
| 609 | continue; |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 610 | } |
| 611 | } |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 612 | if (mret && mount_errno != EBUSY && mount_errno != EACCES && |
JP Abgrall | cee2068 | 2014-07-02 14:26:54 -0700 | [diff] [blame] | 613 | fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) { |
Chris Fries | 79f3384 | 2013-09-05 13:19:21 -0500 | [diff] [blame] | 614 | if (wiped) { |
JP Abgrall | cee2068 | 2014-07-02 14:26:54 -0700 | [diff] [blame] | 615 | ERROR("%s(): %s is wiped and %s %s is encryptable. Suggest recovery...\n", __func__, |
| 616 | fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point, |
| 617 | fstab->recs[attempted_idx].fs_type); |
| 618 | encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY; |
Mohamad Ayyash | 38afe5f | 2014-03-10 15:40:29 -0700 | [diff] [blame] | 619 | continue; |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 620 | } else { |
| 621 | /* Need to mount a tmpfs at this mountpoint for now, and set |
| 622 | * properties that vold will query later for decrypting |
| 623 | */ |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 624 | ERROR("%s(): possibly an encryptable blkdev %s for mount %s type %s )\n", __func__, |
| 625 | fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point, |
| 626 | fstab->recs[attempted_idx].fs_type); |
| 627 | if (fs_mgr_do_tmpfs_mount(fstab->recs[attempted_idx].mount_point) < 0) { |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 628 | ++error_count; |
| 629 | continue; |
| 630 | } |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 631 | } |
JP Abgrall | f22b745 | 2014-07-02 13:16:04 -0700 | [diff] [blame] | 632 | encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 633 | } else { |
Daniel Rosenberg | d38e3c5 | 2016-04-07 20:10:25 -0700 | [diff] [blame] | 634 | if (fs_mgr_is_nofail(&fstab->recs[attempted_idx])) { |
| 635 | ERROR("Ignoring failure to mount an un-encryptable or wiped partition on" |
| 636 | "%s at %s options: %s error: %s\n", |
| 637 | fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point, |
| 638 | fstab->recs[attempted_idx].fs_options, strerror(mount_errno)); |
| 639 | } else { |
| 640 | ERROR("Failed to mount an un-encryptable or wiped partition on" |
| 641 | "%s at %s options: %s error: %s\n", |
| 642 | fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point, |
| 643 | fstab->recs[attempted_idx].fs_options, strerror(mount_errno)); |
| 644 | ++error_count; |
| 645 | } |
Mohamad Ayyash | 38afe5f | 2014-03-10 15:40:29 -0700 | [diff] [blame] | 646 | continue; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 647 | } |
| 648 | } |
| 649 | |
Mohamad Ayyash | 38afe5f | 2014-03-10 15:40:29 -0700 | [diff] [blame] | 650 | if (error_count) { |
| 651 | return -1; |
Mohamad Ayyash | 38afe5f | 2014-03-10 15:40:29 -0700 | [diff] [blame] | 652 | } else { |
Paul Lawrence | 166fa3d | 2014-02-03 13:27:49 -0800 | [diff] [blame] | 653 | return encryptable; |
Mohamad Ayyash | 38afe5f | 2014-03-10 15:40:29 -0700 | [diff] [blame] | 654 | } |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 655 | } |
| 656 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 657 | /* If tmp_mount_point is non-null, mount the filesystem there. This is for the |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 658 | * tmp mount we do to check the user password |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 659 | * If multiple fstab entries are to be mounted on "n_name", it will try to mount each one |
| 660 | * in turn, and stop on 1st success, or no more match. |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 661 | */ |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 662 | int fs_mgr_do_mount(struct fstab *fstab, char *n_name, char *n_blk_device, |
| 663 | char *tmp_mount_point) |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 664 | { |
| 665 | int i = 0; |
Paul Lawrence | cf234dc | 2014-09-09 10:44:51 -0700 | [diff] [blame] | 666 | int ret = FS_MGR_DOMNT_FAILED; |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 667 | int mount_errors = 0; |
| 668 | int first_mount_errno = 0; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 669 | char *m; |
| 670 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 671 | if (!fstab) { |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 672 | return ret; |
| 673 | } |
| 674 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 675 | for (i = 0; i < fstab->num_entries; i++) { |
| 676 | if (!fs_match(fstab->recs[i].mount_point, n_name)) { |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 677 | continue; |
| 678 | } |
| 679 | |
| 680 | /* We found our match */ |
Ken Sumrall | 5bc31a2 | 2013-07-08 19:11:55 -0700 | [diff] [blame] | 681 | /* If this swap or a raw partition, report an error */ |
| 682 | if (!strcmp(fstab->recs[i].fs_type, "swap") || |
| 683 | !strcmp(fstab->recs[i].fs_type, "emmc") || |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 684 | !strcmp(fstab->recs[i].fs_type, "mtd")) { |
| 685 | ERROR("Cannot mount filesystem of type %s on %s\n", |
| 686 | fstab->recs[i].fs_type, n_blk_device); |
| 687 | goto out; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 688 | } |
| 689 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 690 | /* First check the filesystem if requested */ |
| 691 | if (fstab->recs[i].fs_mgr_flags & MF_WAIT) { |
| 692 | wait_for_file(n_blk_device, WAIT_TIMEOUT); |
| 693 | } |
| 694 | |
| 695 | if (fstab->recs[i].fs_mgr_flags & MF_CHECK) { |
| 696 | check_fs(n_blk_device, fstab->recs[i].fs_type, |
| 697 | fstab->recs[i].mount_point); |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 698 | } |
| 699 | |
Paul Lawrence | bbb3631 | 2014-10-09 14:22:49 +0000 | [diff] [blame] | 700 | if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) { |
| 701 | int rc = fs_mgr_setup_verity(&fstab->recs[i]); |
| 702 | if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) { |
| 703 | INFO("Verity disabled"); |
| 704 | } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) { |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 705 | ERROR("Could not set up verified partition, skipping!\n"); |
Geremy Condra | 3ad3d1c | 2013-02-22 18:11:41 -0800 | [diff] [blame] | 706 | continue; |
| 707 | } |
| 708 | } |
| 709 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 710 | /* Now mount it where requested */ |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 711 | if (tmp_mount_point) { |
| 712 | m = tmp_mount_point; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 713 | } else { |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 714 | m = fstab->recs[i].mount_point; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 715 | } |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 716 | if (__mount(n_blk_device, m, &fstab->recs[i])) { |
| 717 | if (!first_mount_errno) first_mount_errno = errno; |
| 718 | mount_errors++; |
| 719 | continue; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 720 | } else { |
| 721 | ret = 0; |
| 722 | goto out; |
| 723 | } |
| 724 | } |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 725 | if (mount_errors) { |
| 726 | ERROR("Cannot mount filesystem on %s at %s. error: %s\n", |
| 727 | n_blk_device, m, strerror(first_mount_errno)); |
Paul Lawrence | cf234dc | 2014-09-09 10:44:51 -0700 | [diff] [blame] | 728 | if (first_mount_errno == EBUSY) { |
| 729 | ret = FS_MGR_DOMNT_BUSY; |
| 730 | } else { |
| 731 | ret = FS_MGR_DOMNT_FAILED; |
| 732 | } |
JP Abgrall | 5c01dac | 2014-06-18 14:54:37 -0700 | [diff] [blame] | 733 | } else { |
| 734 | /* We didn't find a match, say so and return an error */ |
| 735 | ERROR("Cannot find mount point %s in fstab\n", fstab->recs[i].mount_point); |
| 736 | } |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 737 | |
| 738 | out: |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 739 | return ret; |
| 740 | } |
| 741 | |
| 742 | /* |
| 743 | * mount a tmpfs filesystem at the given point. |
| 744 | * return 0 on success, non-zero on failure. |
| 745 | */ |
| 746 | int fs_mgr_do_tmpfs_mount(char *n_name) |
| 747 | { |
| 748 | int ret; |
| 749 | |
| 750 | ret = mount("tmpfs", n_name, "tmpfs", |
| 751 | MS_NOATIME | MS_NOSUID | MS_NODEV, CRYPTO_TMPFS_OPTIONS); |
| 752 | if (ret < 0) { |
| 753 | ERROR("Cannot mount tmpfs filesystem at %s\n", n_name); |
| 754 | return -1; |
| 755 | } |
| 756 | |
| 757 | /* Success */ |
| 758 | return 0; |
| 759 | } |
| 760 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 761 | int fs_mgr_unmount_all(struct fstab *fstab) |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 762 | { |
| 763 | int i = 0; |
| 764 | int ret = 0; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 765 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 766 | if (!fstab) { |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 767 | return -1; |
| 768 | } |
| 769 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 770 | while (fstab->recs[i].blk_device) { |
| 771 | if (umount(fstab->recs[i].mount_point)) { |
| 772 | ERROR("Cannot unmount filesystem at %s\n", fstab->recs[i].mount_point); |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 773 | ret = -1; |
| 774 | } |
| 775 | i++; |
| 776 | } |
| 777 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 778 | return ret; |
| 779 | } |
Ken Sumrall | 5bc31a2 | 2013-07-08 19:11:55 -0700 | [diff] [blame] | 780 | |
| 781 | /* This must be called after mount_all, because the mkswap command needs to be |
| 782 | * available. |
| 783 | */ |
| 784 | int fs_mgr_swapon_all(struct fstab *fstab) |
| 785 | { |
| 786 | int i = 0; |
| 787 | int flags = 0; |
| 788 | int err = 0; |
| 789 | int ret = 0; |
| 790 | int status; |
| 791 | char *mkswap_argv[2] = { |
| 792 | MKSWAP_BIN, |
| 793 | NULL |
| 794 | }; |
| 795 | |
| 796 | if (!fstab) { |
| 797 | return -1; |
| 798 | } |
| 799 | |
| 800 | for (i = 0; i < fstab->num_entries; i++) { |
| 801 | /* Skip non-swap entries */ |
| 802 | if (strcmp(fstab->recs[i].fs_type, "swap")) { |
| 803 | continue; |
| 804 | } |
| 805 | |
| 806 | if (fstab->recs[i].zram_size > 0) { |
| 807 | /* A zram_size was specified, so we need to configure the |
| 808 | * device. There is no point in having multiple zram devices |
| 809 | * on a system (all the memory comes from the same pool) so |
| 810 | * we can assume the device number is 0. |
| 811 | */ |
| 812 | FILE *zram_fp; |
| 813 | |
| 814 | zram_fp = fopen(ZRAM_CONF_DEV, "r+"); |
| 815 | if (zram_fp == NULL) { |
JP Abgrall | 4bb7bba | 2014-06-19 22:12:20 -0700 | [diff] [blame] | 816 | ERROR("Unable to open zram conf device %s\n", ZRAM_CONF_DEV); |
Ken Sumrall | 5bc31a2 | 2013-07-08 19:11:55 -0700 | [diff] [blame] | 817 | ret = -1; |
| 818 | continue; |
| 819 | } |
| 820 | fprintf(zram_fp, "%d\n", fstab->recs[i].zram_size); |
| 821 | fclose(zram_fp); |
| 822 | } |
| 823 | |
| 824 | if (fstab->recs[i].fs_mgr_flags & MF_WAIT) { |
| 825 | wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT); |
| 826 | } |
| 827 | |
| 828 | /* Initialize the swap area */ |
| 829 | mkswap_argv[1] = fstab->recs[i].blk_device; |
| 830 | err = android_fork_execvp_ext(ARRAY_SIZE(mkswap_argv), mkswap_argv, |
Yusuke Sato | d81c3c6 | 2015-08-14 01:22:53 -0700 | [diff] [blame] | 831 | &status, true, LOG_KLOG, false, NULL, |
| 832 | NULL, 0); |
Ken Sumrall | 5bc31a2 | 2013-07-08 19:11:55 -0700 | [diff] [blame] | 833 | if (err) { |
| 834 | ERROR("mkswap failed for %s\n", fstab->recs[i].blk_device); |
| 835 | ret = -1; |
| 836 | continue; |
| 837 | } |
| 838 | |
| 839 | /* If -1, then no priority was specified in fstab, so don't set |
| 840 | * SWAP_FLAG_PREFER or encode the priority */ |
| 841 | if (fstab->recs[i].swap_prio >= 0) { |
| 842 | flags = (fstab->recs[i].swap_prio << SWAP_FLAG_PRIO_SHIFT) & |
| 843 | SWAP_FLAG_PRIO_MASK; |
| 844 | flags |= SWAP_FLAG_PREFER; |
| 845 | } else { |
| 846 | flags = 0; |
| 847 | } |
| 848 | err = swapon(fstab->recs[i].blk_device, flags); |
| 849 | if (err) { |
| 850 | ERROR("swapon failed for %s\n", fstab->recs[i].blk_device); |
| 851 | ret = -1; |
| 852 | } |
| 853 | } |
| 854 | |
| 855 | return ret; |
| 856 | } |
| 857 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 858 | /* |
| 859 | * key_loc must be at least PROPERTY_VALUE_MAX bytes long |
| 860 | * |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 861 | * real_blk_device must be at least PROPERTY_VALUE_MAX bytes long |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 862 | */ |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 863 | int fs_mgr_get_crypt_info(struct fstab *fstab, char *key_loc, char *real_blk_device, int size) |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 864 | { |
| 865 | int i = 0; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 866 | |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 867 | if (!fstab) { |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 868 | return -1; |
| 869 | } |
| 870 | /* Initialize return values to null strings */ |
| 871 | if (key_loc) { |
| 872 | *key_loc = '\0'; |
| 873 | } |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 874 | if (real_blk_device) { |
| 875 | *real_blk_device = '\0'; |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 876 | } |
| 877 | |
| 878 | /* Look for the encryptable partition to find the data */ |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 879 | for (i = 0; i < fstab->num_entries; i++) { |
| 880 | /* Don't deal with vold managed enryptable partitions here */ |
| 881 | if (fstab->recs[i].fs_mgr_flags & MF_VOLDMANAGED) { |
| 882 | continue; |
| 883 | } |
Paul Lawrence | b262d68 | 2015-10-29 10:31:02 -0700 | [diff] [blame] | 884 | if (!(fstab->recs[i].fs_mgr_flags |
| 885 | & (MF_CRYPT | MF_FORCECRYPT | MF_FORCEFDEORFBE))) { |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 886 | continue; |
| 887 | } |
| 888 | |
| 889 | /* We found a match */ |
| 890 | if (key_loc) { |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 891 | strlcpy(key_loc, fstab->recs[i].key_loc, size); |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 892 | } |
Ken Sumrall | ab6b852 | 2013-02-13 12:58:40 -0800 | [diff] [blame] | 893 | if (real_blk_device) { |
| 894 | strlcpy(real_blk_device, fstab->recs[i].blk_device, size); |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 895 | } |
| 896 | break; |
| 897 | } |
| 898 | |
Ken Sumrall | c1bf896 | 2012-01-06 19:09:42 -0800 | [diff] [blame] | 899 | return 0; |
| 900 | } |
Hung-ying Tyan | 99c4a8a | 2016-02-01 15:07:40 +0800 | [diff] [blame] | 901 | |
| 902 | int fs_mgr_early_setup_verity(struct fstab_rec *fstab_rec) |
| 903 | { |
| 904 | if ((fstab_rec->fs_mgr_flags & MF_VERIFY) && device_is_secure()) { |
| 905 | int rc = fs_mgr_setup_verity(fstab_rec); |
| 906 | if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) { |
| 907 | INFO("Verity disabled"); |
| 908 | return FS_MGR_EARLY_SETUP_VERITY_NO_VERITY; |
| 909 | } else if (rc == FS_MGR_SETUP_VERITY_SUCCESS) { |
| 910 | return FS_MGR_EARLY_SETUP_VERITY_SUCCESS; |
| 911 | } else { |
| 912 | return FS_MGR_EARLY_SETUP_VERITY_FAIL; |
| 913 | } |
| 914 | } else if (device_is_secure()) { |
| 915 | ERROR("Verity must be enabled for early mounted partitions on secured devices.\n"); |
| 916 | return FS_MGR_EARLY_SETUP_VERITY_FAIL; |
| 917 | } |
| 918 | return FS_MGR_EARLY_SETUP_VERITY_NO_VERITY; |
| 919 | } |