Merge RP1A.200123.001
Change-Id: Ibfa73fd7557ebaa4aa61105a5661d1036cf7b474
diff --git a/Android.bp b/Android.bp
index b84cc5f..518918c 100644
--- a/Android.bp
+++ b/Android.bp
@@ -160,6 +160,14 @@
debuggable: {
cppflags: ["-D__ANDROID_DEBUGGABLE__"],
},
+ device_support_hwfde: {
+ cflags: ["-DCONFIG_HW_DISK_ENCRYPTION"],
+ header_libs: ["libcryptfs_hw_headers"],
+ shared_libs: ["libcryptfs_hw"],
+ },
+ device_support_hwfde_perf: {
+ cflags: ["-DCONFIG_HW_DISK_ENCRYPT_PERF"],
+ },
},
shared_libs: [
"android.hardware.health.storage@1.0",
@@ -186,6 +194,9 @@
"libarcobbvolume",
],
},
+ device_support_hwfde: {
+ shared_libs: ["libcryptfs_hw"],
+ },
},
init_rc: [
"vold.rc",
diff --git a/EncryptInplace.cpp b/EncryptInplace.cpp
index 9d304da..14277a4 100644
--- a/EncryptInplace.cpp
+++ b/EncryptInplace.cpp
@@ -273,17 +273,23 @@
}
LOG(DEBUG) << "Opening" << crypto_blkdev;
- // Wait until the block device appears. Re-use the mount retry values since it is reasonable.
- while ((data.cryptofd = open(crypto_blkdev, O_WRONLY | O_CLOEXEC)) < 0) {
- if (--retries) {
- PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
- << " for ext4 inplace encrypt, retrying";
- sleep(RETRY_MOUNT_DELAY_SECONDS);
- } else {
- PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
- << " for ext4 inplace encrypt";
- rc = ENABLE_INPLACE_ERR_DEV;
- goto errout;
+ if (!strncmp(real_blkdev, crypto_blkdev, strlen(real_blkdev)))
+ data.cryptofd = data.realfd;
+ else {
+ // Wait until the block device appears. Re-use the mount retry values since it is reasonable.
+ while ((data.cryptofd = open(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
+ if (--retries) {
+ PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
+ << " for ext4 inplace encrypt. err=" << errno
+ << "(" << strerror(errno) << "), retrying";
+ sleep(RETRY_MOUNT_DELAY_SECONDS);
+ } else {
+ PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
+ << " for ext4 inplace encrypt. err=" << errno
+ << "(" << strerror(errno) << "), retrying";
+ rc = ENABLE_INPLACE_ERR_DEV;
+ goto errout;
+ }
}
}
@@ -331,7 +337,8 @@
errout:
close(data.realfd);
- close(data.cryptofd);
+ if (strncmp(real_blkdev, crypto_blkdev, strlen(real_blkdev)))
+ close(data.cryptofd);
return rc;
}
@@ -407,11 +414,16 @@
PLOG(ERROR) << "Error opening real_blkdev " << real_blkdev << " for f2fs inplace encrypt";
goto errout;
}
- if ((data.cryptofd = open64(crypto_blkdev, O_WRONLY | O_CLOEXEC)) < 0) {
- PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
- << " for f2fs inplace encrypt";
- rc = ENABLE_INPLACE_ERR_DEV;
- goto errout;
+ if (!strncmp(real_blkdev, crypto_blkdev, strlen(real_blkdev)))
+ data.cryptofd = data.realfd;
+ else {
+ if ((data.cryptofd = open64(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
+ PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
+ << " for f2fs inplace encrypt. err=" << errno
+ << "(" << strerror(errno) << "), retrying";
+ rc = ENABLE_INPLACE_ERR_DEV;
+ goto errout;
+ }
}
f2fs_info = generate_f2fs_info(data.realfd);
@@ -460,7 +472,8 @@
free(f2fs_info);
free(data.buffer);
close(data.realfd);
- close(data.cryptofd);
+ if (strncmp(real_blkdev, crypto_blkdev, strlen(real_blkdev)))
+ close(data.cryptofd);
return rc;
}
@@ -481,10 +494,16 @@
return ENABLE_INPLACE_ERR_OTHER;
}
- if ((cryptofd = open(crypto_blkdev, O_WRONLY | O_CLOEXEC)) < 0) {
- PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev << " for inplace encrypt";
- close(realfd);
- return ENABLE_INPLACE_ERR_DEV;
+ if (!strncmp(real_blkdev, crypto_blkdev, strlen(real_blkdev)))
+ cryptofd = realfd;
+ else {
+ if ((cryptofd = open(crypto_blkdev, O_WRONLY|O_CLOEXEC)) < 0) {
+ PLOG(ERROR) << "Error opening crypto_blkdev " << crypto_blkdev
+ << " for inplace encrypt. err=" << errno
+ << "(" << strerror(errno) << "), retrying";
+ close(realfd);
+ return ENABLE_INPLACE_ERR_DEV;
+ }
}
/* This is pretty much a simple loop of reading 4K, and writing 4K.
@@ -506,9 +525,11 @@
goto errout;
}
- if (lseek64(cryptofd, i * CRYPT_SECTOR_SIZE, SEEK_SET) < 0) {
- PLOG(ERROR) << "Cannot seek to previously encrypted point on " << crypto_blkdev;
- goto errout;
+ if (strncmp(real_blkdev, crypto_blkdev, strlen(real_blkdev))) {
+ if (lseek64(cryptofd, i * CRYPT_SECTOR_SIZE, SEEK_SET) < 0) {
+ PLOG(ERROR) << "Cannot seek to previously encrypted point on " << crypto_blkdev;
+ goto errout;
+ }
}
for (; i < size && i % CRYPT_SECTORS_PER_BUFSIZE != 0; ++i) {
@@ -572,7 +593,8 @@
errout:
close(realfd);
- close(cryptofd);
+ if (strncmp(real_blkdev, crypto_blkdev, strlen(real_blkdev)))
+ close(cryptofd);
return rc;
}
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 603362f..0020cf2 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -16,10 +16,12 @@
#include "FsCrypt.h"
+#include "Keymaster.h"
#include "KeyStorage.h"
#include "KeyUtil.h"
#include "Utils.h"
#include "VoldUtil.h"
+#include "model/Disk.h"
#include <algorithm>
#include <map>
@@ -65,6 +67,8 @@
using android::fs_mgr::GetEntryForMountPoint;
using android::vold::kEmptyAuthentication;
using android::vold::KeyBuffer;
+using android::vold::Keymaster;
+using android::hardware::keymaster::V4_0::KeyFormat;
using android::vold::writeStringToFile;
using namespace android::fscrypt;
@@ -215,9 +219,10 @@
}
// Retrieve the options to use for encryption policies on adoptable storage.
-static bool get_volume_file_encryption_options(EncryptionOptions* options) {
+static bool get_volume_file_encryption_options(EncryptionOptions* options, int flags) {
auto contents_mode =
- android::base::GetProperty("ro.crypto.volume.contents_mode", "aes-256-xts");
+ android::base::GetProperty("ro.crypto.volume.contents_mode",
+ is_ice_supported_external(flags) ? "ice" : "aes-256-xts");
auto filenames_mode =
android::base::GetProperty("ro.crypto.volume.filenames_mode", "aes-256-heh");
return ParseOptions(android::base::GetProperty("ro.crypto.volume.options",
@@ -235,12 +240,46 @@
return android::vold::evictKey(DATA_MNT_POINT, raw_ref, get_data_file_policy_version());
}
+bool is_ice_supported_external(int flags) {
+ /*
+ * Logic can be changed when more card controllers start supporting ICE.
+ * Until then, checking only for UFS card.
+ */
+ if ((flags & android::vold::Disk::Flags::kUfsCard) ==
+ android::vold::Disk::Flags::kUfsCard)
+ return true;
+ return false;
+}
+
+bool is_wrapped_key_supported() {
+ return GetEntryForMountPoint(&fstab_default, DATA_MNT_POINT)->fs_mgr_flags.wrapped_key;
+}
+
+bool is_wrapped_key_supported_external(int flags) {
+ if (is_ice_supported_external(flags))
+ return GetEntryForMountPoint(&fstab_default, DATA_MNT_POINT)->fs_mgr_flags.wrapped_key;
+ return false;
+}
+
+bool is_metadata_wrapped_key_supported() {
+ return GetEntryForMountPoint(&fstab_default, METADATA_MNT_POINT)->fs_mgr_flags.wrapped_key;
+}
+
static bool read_and_install_user_ce_key(userid_t user_id,
const android::vold::KeyAuthentication& auth) {
if (s_ce_key_raw_refs.count(user_id) != 0) return true;
KeyBuffer ce_key;
if (!read_and_fixate_user_ce_key(user_id, auth, &ce_key)) return false;
std::string ce_raw_ref;
+
+ if (is_wrapped_key_supported()) {
+ KeyBuffer ephemeral_wrapped_key;
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, ce_key, &ephemeral_wrapped_key)) {
+ LOG(ERROR) << "Failed to export ce key";
+ return false;
+ }
+ ce_key = std::move(ephemeral_wrapped_key);
+ }
if (!install_data_key(ce_key, &ce_raw_ref)) return false;
s_ce_key_raw_refs[user_id] = ce_raw_ref;
LOG(DEBUG) << "Installed ce key for user " << user_id;
@@ -269,8 +308,15 @@
// it creates keys in a fixed location.
static bool create_and_install_user_keys(userid_t user_id, bool create_ephemeral) {
KeyBuffer de_key, ce_key;
- if (!android::vold::randomKey(&de_key)) return false;
- if (!android::vold::randomKey(&ce_key)) return false;
+
+ if(is_wrapped_key_supported()) {
+ if (!generateWrappedKey(user_id, android::vold::KeyType::DE_USER, &de_key)) return false;
+ if (!generateWrappedKey(user_id, android::vold::KeyType::CE_USER, &ce_key)) return false;
+ } else {
+ if (!android::vold::randomKey(&de_key)) return false;
+ if (!android::vold::randomKey(&ce_key)) return false;
+ }
+
if (create_ephemeral) {
// If the key should be created as ephemeral, don't store it.
s_ephemeral_users.insert(user_id);
@@ -289,12 +335,35 @@
kEmptyAuthentication, de_key))
return false;
}
+
+ /* Install the DE keys */
std::string de_raw_ref;
- if (!install_data_key(de_key, &de_raw_ref)) return false;
- s_de_key_raw_refs[user_id] = de_raw_ref;
std::string ce_raw_ref;
+
+ if (is_wrapped_key_supported()) {
+ KeyBuffer ephemeral_wrapped_de_key;
+ KeyBuffer ephemeral_wrapped_ce_key;
+
+ /* Export and install the DE keys */
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, de_key, &ephemeral_wrapped_de_key)) {
+ LOG(ERROR) << "Failed to export de_key";
+ return false;
+ }
+ /* Export and install the CE keys */
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, ce_key, &ephemeral_wrapped_ce_key)) {
+ LOG(ERROR) << "Failed to export de_key";
+ return false;
+ }
+
+ de_key = std::move(ephemeral_wrapped_de_key);
+ ce_key = std::move(ephemeral_wrapped_ce_key);
+ }
+ if (!install_data_key(de_key, &de_raw_ref)) return false;
if (!install_data_key(ce_key, &ce_raw_ref)) return false;
+
+ s_de_key_raw_refs[user_id] = de_raw_ref;
s_ce_key_raw_refs[user_id] = ce_raw_ref;
+
LOG(DEBUG) << "Created keys for user " << user_id;
return true;
}
@@ -344,6 +413,14 @@
KeyBuffer key;
if (!android::vold::retrieveKey(key_path, kEmptyAuthentication, &key)) return false;
std::string raw_ref;
+ if (is_wrapped_key_supported()) {
+ KeyBuffer ephemeral_wrapped_key;
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, key, &ephemeral_wrapped_key)) {
+ LOG(ERROR) << "Failed to export de_key in create_and_install_user_keys";
+ return false;
+ }
+ key = std::move(ephemeral_wrapped_key);
+ }
if (!install_data_key(key, &raw_ref)) return false;
s_de_key_raw_refs[user_id] = raw_ref;
LOG(DEBUG) << "Installed de key for user " << user_id;
@@ -356,6 +433,7 @@
bool fscrypt_initialize_systemwide_keys() {
LOG(INFO) << "fscrypt_initialize_systemwide_keys";
+ bool wrapped_key_supported = false;
if (s_systemwide_keys_initialized) {
LOG(INFO) << "Already initialized";
@@ -364,10 +442,11 @@
EncryptionPolicy device_policy;
get_data_file_encryption_options(&device_policy.options);
+ wrapped_key_supported = is_wrapped_key_supported();
if (!android::vold::retrieveAndInstallKey(true, kEmptyAuthentication, device_key_path,
device_key_temp, "", device_policy.options.version,
- &device_policy.key_raw_ref))
+ &device_policy.key_raw_ref, wrapped_key_supported))
return false;
std::string options_string;
@@ -472,6 +551,7 @@
success &= evict_data_key(raw_ref);
drop_caches_if_needed();
}
+
s_ce_key_raw_refs.erase(user_id);
return success;
}
@@ -566,9 +646,10 @@
}
static bool read_or_create_volkey(const std::string& misc_path, const std::string& volume_uuid,
- EncryptionPolicy* policy) {
+ EncryptionPolicy* policy, int flags) {
auto secdiscardable_path = volume_secdiscardable_path(volume_uuid);
std::string secdiscardable_hash;
+ bool wrapped_key_supported = false;
if (android::vold::pathExists(secdiscardable_path)) {
if (!android::vold::readSecdiscardable(secdiscardable_path, &secdiscardable_hash))
return false;
@@ -587,11 +668,12 @@
}
android::vold::KeyAuthentication auth("", secdiscardable_hash);
- if (!get_volume_file_encryption_options(&policy->options)) return false;
+ if (!get_volume_file_encryption_options(&policy->options, flags)) return false;
+ wrapped_key_supported = is_wrapped_key_supported_external(flags);
return android::vold::retrieveAndInstallKey(true, auth, key_path, key_path + "_tmp",
volume_uuid, policy->options.version,
- &policy->key_raw_ref);
+ &policy->key_raw_ref, wrapped_key_supported);
}
static bool destroy_volkey(const std::string& misc_path, const std::string& volume_uuid) {
@@ -619,6 +701,7 @@
return false;
}
auto const paths = get_ce_key_paths(directory_path);
+
std::string ce_key_path;
if (!get_ce_key_new_path(directory_path, paths, &ce_key_path)) return false;
if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, store_auth, ce_key))
@@ -764,7 +847,7 @@
if (!EnsurePolicy(de_policy, misc_de_path)) return false;
if (!EnsurePolicy(de_policy, vendor_de_path)) return false;
} else {
- if (!read_or_create_volkey(misc_de_path, volume_uuid, &de_policy)) return false;
+ if (!read_or_create_volkey(misc_de_path, volume_uuid, &de_policy, flags)) return false;
}
if (!EnsurePolicy(de_policy, user_de_path)) return false;
}
@@ -797,7 +880,7 @@
if (!EnsurePolicy(ce_policy, vendor_ce_path)) return false;
} else {
- if (!read_or_create_volkey(misc_ce_path, volume_uuid, &ce_policy)) return false;
+ if (!read_or_create_volkey(misc_ce_path, volume_uuid, &ce_policy, flags)) return false;
}
if (!EnsurePolicy(ce_policy, media_ce_path)) return false;
if (!EnsurePolicy(ce_policy, user_ce_path)) return false;
diff --git a/FsCrypt.h b/FsCrypt.h
index 641991a..d173b52 100644
--- a/FsCrypt.h
+++ b/FsCrypt.h
@@ -38,3 +38,7 @@
bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
bool fscrypt_destroy_volume_keys(const std::string& volume_uuid);
+bool is_ice_supported_external(int flags);
+bool is_wrapped_key_supported();
+bool is_metadata_wrapped_key_supported();
+bool is_wrapped_key_supported_external(int flags);
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index dbf190d..f2d91cc 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -64,6 +64,7 @@
static constexpr size_t STRETCHED_BYTES = 1 << 6;
static constexpr uint32_t AUTH_TIMEOUT = 30; // Seconds
+constexpr int EXT4_AES_256_XTS_KEY_SIZE = 64;
static const char* kCurrentVersion = "1";
static const char* kRmPath = "/system/bin/rm";
@@ -135,6 +136,68 @@
keymaster.generateKey(paramBuilder, key);
}
+bool generateWrappedKey(userid_t user_id, KeyType key_type,
+ KeyBuffer* key) {
+ Keymaster keymaster;
+ if (!keymaster) return false;
+ *key = KeyBuffer(EXT4_AES_256_XTS_KEY_SIZE);
+ std::string key_temp;
+ auto paramBuilder = km::AuthorizationSetBuilder()
+ .AesEncryptionKey(AES_KEY_BYTES * 8)
+ .GcmModeMinMacLen(GCM_MAC_BYTES * 8)
+ .Authorization(km::TAG_USER_ID, user_id);
+ km::KeyParameter param1;
+ param1.tag = static_cast<::android::hardware::keymaster::V4_0::Tag>(
+ ::android::hardware::keymaster::V4_0::KM_TAG_FBE_ICE);
+ param1.f.boolValue = true;
+ paramBuilder.push_back(param1);
+
+ km::KeyParameter param2;
+ if ((key_type == KeyType::DE_USER) || (key_type == KeyType::DE_SYS) || (key_type == KeyType::ME)) {
+ param2.tag = static_cast<::android::hardware::keymaster::V4_0::Tag>(
+ ::android::hardware::keymaster::V4_0::KM_TAG_KEY_TYPE);
+ param2.f.integer = 0;
+ } else if (key_type == KeyType::CE_USER) {
+ param2.tag = static_cast<::android::hardware::keymaster::V4_0::Tag>(
+ ::android::hardware::keymaster::V4_0::KM_TAG_KEY_TYPE);
+ param2.f.integer = 1;
+ }
+ paramBuilder.push_back(param2);
+
+ if (!keymaster.generateKey(paramBuilder, &key_temp)) return false;
+ *key = KeyBuffer(key_temp.size());
+ memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size());
+ return true;
+}
+
+bool getEphemeralWrappedKey(km::KeyFormat format, KeyBuffer& kmKey, KeyBuffer* key) {
+ std::string key_temp;
+ Keymaster keymaster;
+ if (!keymaster) return false;
+
+ //Export once, if upgrade needed, upgrade and export again
+ bool export_again = true;
+ while (export_again) {
+ export_again = false;
+ auto ret = keymaster.exportKey(format, kmKey, "!", "!", &key_temp);
+ if (ret == km::ErrorCode::OK) {
+ *key = KeyBuffer(key_temp.size());
+ memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size());
+ return true;
+ }
+ if (ret != km::ErrorCode::KEY_REQUIRES_UPGRADE) return false;
+ LOG(DEBUG) << "Upgrading key";
+ std::string kmKeyStr(reinterpret_cast<const char*>(kmKey.data()), kmKey.size());
+ std::string newKey;
+ if (!keymaster.upgradeKey(kmKeyStr, km::AuthorizationSet(), &newKey)) return false;
+ memcpy(reinterpret_cast<void*>(kmKey.data()), newKey.c_str(), kmKey.size());
+ LOG(INFO) << "Key upgraded";
+ export_again = true;
+ }
+ //Should never come here
+ return false;
+}
+
static std::pair<km::AuthorizationSet, km::HardwareAuthToken> beginParams(
const KeyAuthentication& auth, const std::string& appId) {
auto paramBuilder = km::AuthorizationSetBuilder()
diff --git a/KeyStorage.h b/KeyStorage.h
index 276b6b9..1980acb 100644
--- a/KeyStorage.h
+++ b/KeyStorage.h
@@ -17,8 +17,9 @@
#ifndef ANDROID_VOLD_KEYSTORAGE_H
#define ANDROID_VOLD_KEYSTORAGE_H
+#include "Keymaster.h"
#include "KeyBuffer.h"
-
+#include <cutils/multiuser.h>
#include <string>
namespace android {
@@ -39,6 +40,13 @@
const std::string secret;
};
+enum class KeyType {
+ DE_SYS,
+ DE_USER,
+ CE_USER,
+ ME,
+};
+
extern const KeyAuthentication kEmptyAuthentication;
// Checks if path "path" exists.
@@ -68,6 +76,8 @@
bool destroyKey(const std::string& dir);
bool runSecdiscardSingle(const std::string& file);
+bool generateWrappedKey(userid_t user_id, KeyType key_type, KeyBuffer* key);
+bool getEphemeralWrappedKey(km::KeyFormat format, KeyBuffer& kmKey, KeyBuffer* key);
} // namespace vold
} // namespace android
diff --git a/KeyUtil.cpp b/KeyUtil.cpp
index d2d51e1..09d6ea3 100644
--- a/KeyUtil.cpp
+++ b/KeyUtil.cpp
@@ -29,9 +29,14 @@
#include <android-base/logging.h>
#include <keyutils.h>
+#include "FsCrypt.h"
#include "KeyStorage.h"
#include "Utils.h"
+#define MAX_USER_ID 0xFFFFFFFF
+
+using android::hardware::keymaster::V4_0::KeyFormat;
+using android::vold::KeyType;
namespace android {
namespace vold {
@@ -212,7 +217,14 @@
// A key for a v1 policy is specified by an arbitrary 8-byte
// "descriptor", which must be provided by userspace. We use the
// first 8 bytes from the double SHA-512 of the key itself.
- *raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size());
+ if (is_wrapped_key_supported()) {
+ /* When wrapped key is supported, only the first 32 bytes are
+ the same per boot. The second 32 bytes can change as the ephemeral
+ key is different. */
+ *raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size()/2);
+ } else {
+ *raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size());
+ }
if (!isFsKeyringSupported()) {
return installKeyLegacy(key, *raw_ref);
}
@@ -325,7 +337,7 @@
bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_authentication,
const std::string& key_path, const std::string& tmp_path,
const std::string& volume_uuid, int policy_version,
- std::string* key_ref) {
+ std::string* key_ref, bool wrapped_key_supported) {
KeyBuffer key;
if (pathExists(key_path)) {
LOG(DEBUG) << "Key exists, using: " << key_path;
@@ -336,10 +348,23 @@
return false;
}
LOG(INFO) << "Creating new key in " << key_path;
- if (!randomKey(&key)) return false;
+ if (wrapped_key_supported) {
+ if(!generateWrappedKey(MAX_USER_ID, KeyType::DE_SYS, &key)) return false;
+ } else {
+ if (!randomKey(&key)) return false;
+ }
if (!storeKeyAtomically(key_path, tmp_path, key_authentication, key)) return false;
}
+ if (wrapped_key_supported) {
+ KeyBuffer ephemeral_wrapped_key;
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, key, &ephemeral_wrapped_key)) {
+ LOG(ERROR) << "Failed to export key in retrieveAndInstallKey";
+ return false;
+ }
+ key = std::move(ephemeral_wrapped_key);
+ }
+
if (!installKey(key, BuildDataPath(volume_uuid), policy_version, key_ref)) {
LOG(ERROR) << "Failed to install key in " << key_path;
return false;
@@ -352,14 +377,35 @@
if (pathExists(key_path)) {
LOG(DEBUG) << "Key exists, using: " << key_path;
if (!retrieveKey(key_path, kEmptyAuthentication, key, keepOld)) return false;
+ if (is_metadata_wrapped_key_supported()) {
+ KeyBuffer ephemeral_wrapped_key;
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, *key, &ephemeral_wrapped_key)) {
+ LOG(ERROR) << "Failed to export key for retrieved key";
+ return false;
+ }
+ *key = std::move(ephemeral_wrapped_key);
+ }
} else {
if (!create_if_absent) {
LOG(ERROR) << "No key found in " << key_path;
return false;
}
LOG(INFO) << "Creating new key in " << key_path;
- if (!randomKey(key)) return false;
- if (!storeKeyAtomically(key_path, tmp_path, kEmptyAuthentication, *key)) return false;
+ if (is_metadata_wrapped_key_supported()) {
+ if(!generateWrappedKey(MAX_USER_ID, KeyType::ME, key)) return false;
+ } else {
+ if (!randomKey(key)) return false;
+ }
+ if (!storeKeyAtomically(key_path, tmp_path,
+ kEmptyAuthentication, *key)) return false;
+ if (is_metadata_wrapped_key_supported()) {
+ KeyBuffer ephemeral_wrapped_key;
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, *key, &ephemeral_wrapped_key)) {
+ LOG(ERROR) << "Failed to export key for generated key";
+ return false;
+ }
+ *key = std::move(ephemeral_wrapped_key);
+ }
}
return true;
}
diff --git a/KeyUtil.h b/KeyUtil.h
index f6799d9..06e4239 100644
--- a/KeyUtil.h
+++ b/KeyUtil.h
@@ -19,6 +19,7 @@
#include "KeyBuffer.h"
#include "KeyStorage.h"
+#include "Keymaster.h"
#include <memory>
#include <string>
@@ -36,7 +37,7 @@
bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_authentication,
const std::string& key_path, const std::string& tmp_path,
const std::string& volume_uuid, int policy_version,
- std::string* key_ref);
+ std::string* key_ref, bool wrapped_key_supported);
bool retrieveKey(bool create_if_absent, const std::string& key_path, const std::string& tmp_path,
KeyBuffer* key, bool keepOld = true);
diff --git a/Keymaster.cpp b/Keymaster.cpp
index a3853f9..de50865 100644
--- a/Keymaster.cpp
+++ b/Keymaster.cpp
@@ -138,6 +138,32 @@
return true;
}
+km::ErrorCode Keymaster::exportKey(km::KeyFormat format, KeyBuffer& kmKey, const std::string& clientId,
+ const std::string& appData, std::string* key) {
+ auto kmKeyBlob = km::support::blob2hidlVec(std::string(kmKey.data(), kmKey.size()));
+ auto emptyAssign = NULL;
+ auto kmClientId = (clientId == "!") ? emptyAssign: km::support::blob2hidlVec(clientId);
+ auto kmAppData = (appData == "!") ? emptyAssign: km::support::blob2hidlVec(appData);
+ km::ErrorCode km_error;
+ auto hidlCb = [&](km::ErrorCode ret, const hidl_vec<uint8_t>& exportedKeyBlob) {
+ km_error = ret;
+ if (km_error != km::ErrorCode::OK) return;
+ if(key)
+ key->assign(reinterpret_cast<const char*>(&exportedKeyBlob[0]),
+ exportedKeyBlob.size());
+ };
+ auto error = mDevice->exportKey(format, kmKeyBlob, kmClientId, kmAppData, hidlCb);
+ if (!error.isOk()) {
+ LOG(ERROR) << "export_key failed: " << error.description();
+ return km::ErrorCode::UNKNOWN_ERROR;
+ }
+ if (km_error != km::ErrorCode::OK) {
+ LOG(ERROR) << "export_key failed, code " << int32_t(km_error);
+ return km_error;
+ }
+ return km::ErrorCode::OK;
+}
+
bool Keymaster::deleteKey(const std::string& key) {
auto keyBlob = km::support::blob2hidlVec(key);
auto error = mDevice->deleteKey(keyBlob);
diff --git a/Keymaster.h b/Keymaster.h
index 049a741..4e1d88a 100644
--- a/Keymaster.h
+++ b/Keymaster.h
@@ -113,6 +113,9 @@
explicit operator bool() { return mDevice.get() != nullptr; }
// Generate a key in the keymaster from the given params.
bool generateKey(const km::AuthorizationSet& inParams, std::string* key);
+ // Export a key from keymaster.
+ km::ErrorCode exportKey(km::KeyFormat format, KeyBuffer& kmKey, const std::string& clientId,
+ const std::string& appData, std::string* key);
// If the keymaster supports it, permanently delete a key.
bool deleteKey(const std::string& key);
// Replace stored key blob in response to KM_ERROR_KEY_REQUIRES_UPGRADE.
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index 3c2e0d5..dc4ceb8 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -234,3 +234,17 @@
mount_via_fs_mgr(data_rec->mount_point.c_str(), crypto_blkdev.c_str());
return true;
}
+
+int fscrypt_setup_ufscard_volume (const std::string& dm_name, const std::string& real_blkdev,
+ const std::string& key, std::string& crypto_blkdev)
+{
+ KeyBuffer key_buf = KeyBuffer(key.size());
+ memcpy(reinterpret_cast<void*>(key_buf.data()), key.c_str(), key.size());
+ uint64_t nr_sec;
+ if (!get_number_of_sectors(real_blkdev, &nr_sec)) return -1;
+ if (!create_crypto_blk_dev(dm_name, nr_sec, real_blkdev, key_buf, &crypto_blkdev,
+ android::base::GetBoolProperty("ro.crypto.set_dun", false)))
+ return -1;
+
+ return 0;
+}
diff --git a/MetadataCrypt.h b/MetadataCrypt.h
index cd0f5e5..2f33c31 100644
--- a/MetadataCrypt.h
+++ b/MetadataCrypt.h
@@ -21,5 +21,7 @@
bool fscrypt_mount_metadata_encrypted(const std::string& block_device,
const std::string& mount_point, bool needs_encrypt);
+int fscrypt_setup_ufscard_volume (const std::string& dm_name, const std::string& real_blkdev,
+ const std::string& key, std::string& crypto_blkdev);
#endif
diff --git a/VoldNativeService.cpp b/VoldNativeService.cpp
index f8ed61c..db8b265 100644
--- a/VoldNativeService.cpp
+++ b/VoldNativeService.cpp
@@ -634,11 +634,12 @@
}
binder::Status VoldNativeService::fdeChangePassword(int32_t passwordType,
+ const std::string& currentPassword,
const std::string& password) {
ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_CRYPT_LOCK;
- return translate(cryptfs_changepw(passwordType, password.c_str()));
+ return translate(cryptfs_changepw(passwordType, currentPassword.c_str(), password.c_str()));
}
binder::Status VoldNativeService::fdeVerifyPassword(const std::string& password) {
diff --git a/VoldNativeService.h b/VoldNativeService.h
index 2967fae..8277524 100644
--- a/VoldNativeService.h
+++ b/VoldNativeService.h
@@ -93,7 +93,9 @@
binder::Status fdeComplete(int32_t* _aidl_return);
binder::Status fdeEnable(int32_t passwordType, const std::string& password,
int32_t encryptionFlags);
- binder::Status fdeChangePassword(int32_t passwordType, const std::string& password);
+ binder::Status fdeChangePassword(int32_t passwordType,
+ const std::string& currentPassword,
+ const std::string& password);
binder::Status fdeVerifyPassword(const std::string& password);
binder::Status fdeGetField(const std::string& key, std::string* _aidl_return);
binder::Status fdeSetField(const std::string& key, const std::string& value);
diff --git a/VoldUtil.h b/VoldUtil.h
index 173c598..181506e 100644
--- a/VoldUtil.h
+++ b/VoldUtil.h
@@ -22,3 +22,7 @@
extern android::fs_mgr::Fstab fstab_default;
#define ARRAY_SIZE(a) (sizeof(a) / sizeof(*(a)))
+
+#ifdef CONFIG_HW_DISK_ENCRYPT_PERF
+void get_blkdev_start_sector(int fd, unsigned long* st_sec);
+#endif
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index d8b1e32..e4eade1 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -233,6 +233,9 @@
major >= (int)kMajorBlockExperimentalMin &&
major <= (int)kMajorBlockExperimentalMax)) {
flags |= android::vold::Disk::Flags::kSd;
+ } else if (eventPath.find("ufs") != std::string::npos) {
+ flags |= android::vold::Disk::Flags::kSd;
+ flags |= android::vold::Disk::Flags::kUfsCard;
} else {
flags |= android::vold::Disk::Flags::kUsb;
}
diff --git a/binder/android/os/IVold.aidl b/binder/android/os/IVold.aidl
index 1819e09..266709f 100644
--- a/binder/android/os/IVold.aidl
+++ b/binder/android/os/IVold.aidl
@@ -71,7 +71,7 @@
void fdeRestart();
int fdeComplete();
void fdeEnable(int passwordType, @utf8InCpp String password, int encryptionFlags);
- void fdeChangePassword(int passwordType, @utf8InCpp String password);
+ void fdeChangePassword(int passwordType, @utf8InCpp String currentPassword, @utf8InCpp String password);
void fdeVerifyPassword(@utf8InCpp String password);
@utf8InCpp String fdeGetField(@utf8InCpp String key);
void fdeSetField(@utf8InCpp String key, @utf8InCpp String value);
diff --git a/cryptfs.cpp b/cryptfs.cpp
index 403282e..3f24823 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -70,6 +70,11 @@
#include <time.h>
#include <unistd.h>
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+#include <linux/dm-ioctl.h>
+#include <sys/ioctl.h>
+#include <cryptfs_hw.h>
+#endif
extern "C" {
#include <crypto_scrypt.h>
}
@@ -93,6 +98,7 @@
#define KEY_IN_FOOTER "footer"
+#define DEFAULT_HEX_PASSWORD "64656661756c745f70617373776f7264"
#define DEFAULT_PASSWORD "default_password"
#define CRYPTO_BLOCK_DEVICE "userdata"
@@ -108,6 +114,7 @@
#define RSA_KEY_SIZE_BYTES (RSA_KEY_SIZE / 8)
#define RSA_EXPONENT 0x10001
#define KEYMASTER_CRYPTFS_RATE_LIMIT 1 // Maximum one try per second
+#define KEY_LEN_BYTES 16
#define RETRY_MOUNT_ATTEMPTS 10
#define RETRY_MOUNT_DELAY_SECONDS 1
@@ -121,6 +128,151 @@
static int master_key_saved = 0;
static struct crypt_persist_data* persist_data = NULL;
+static int previous_type;
+
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+static int scrypt_keymaster(const char *passwd, const unsigned char *salt,
+ unsigned char *ikey, void *params);
+static void convert_key_to_hex_ascii(const unsigned char *master_key,
+ unsigned int keysize, char *master_key_ascii);
+static int put_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr);
+static int test_mount_hw_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
+ const char *passwd, const char *mount_point, const char *label);
+int cryptfs_changepw_hw_fde(int crypt_type, const char *currentpw,
+ const char *newpw);
+int cryptfs_check_passwd_hw(char *passwd);
+int cryptfs_get_master_key(struct crypt_mnt_ftr* ftr, const char* password,
+ unsigned char* master_key);
+
+static void convert_key_to_hex_ascii_for_upgrade(const unsigned char *master_key,
+ unsigned int keysize, char *master_key_ascii)
+{
+ unsigned int i, a;
+ unsigned char nibble;
+
+ for (i = 0, a = 0; i < keysize; i++, a += 2) {
+ /* For each byte, write out two ascii hex digits */
+ nibble = (master_key[i] >> 4) & 0xf;
+ master_key_ascii[a] = nibble + (nibble > 9 ? 0x57 : 0x30);
+
+ nibble = master_key[i] & 0xf;
+ master_key_ascii[a + 1] = nibble + (nibble > 9 ? 0x57 : 0x30);
+ }
+
+ /* Add the null termination */
+ master_key_ascii[a] = '\0';
+}
+
+static int get_keymaster_hw_fde_passwd(const char* passwd, unsigned char* newpw,
+ unsigned char* salt,
+ const struct crypt_mnt_ftr *ftr)
+{
+ /* if newpw updated, return 0
+ * if newpw not updated return -1
+ */
+ int rc = -1;
+
+ if (should_use_keymaster()) {
+ if (scrypt_keymaster(passwd, salt, newpw, (void*)ftr)) {
+ SLOGE("scrypt failed");
+ } else {
+ rc = 0;
+ }
+ }
+
+ return rc;
+}
+
+static int verify_hw_fde_passwd(const char *passwd, struct crypt_mnt_ftr* crypt_ftr)
+{
+ unsigned char newpw[32] = {0};
+ int key_index;
+ if (get_keymaster_hw_fde_passwd(passwd, newpw, crypt_ftr->salt, crypt_ftr))
+ key_index = set_hw_device_encryption_key(passwd,
+ (char*) crypt_ftr->crypto_type_name);
+ else
+ key_index = set_hw_device_encryption_key((const char*)newpw,
+ (char*) crypt_ftr->crypto_type_name);
+ return key_index;
+}
+
+static int verify_and_update_hw_fde_passwd(const char *passwd,
+ struct crypt_mnt_ftr* crypt_ftr)
+{
+ char* new_passwd = NULL;
+ unsigned char newpw[32] = {0};
+ int key_index = -1;
+ int passwd_updated = -1;
+ int ascii_passwd_updated = (crypt_ftr->flags & CRYPT_ASCII_PASSWORD_UPDATED);
+
+ key_index = verify_hw_fde_passwd(passwd, crypt_ftr);
+ if (key_index < 0) {
+ ++crypt_ftr->failed_decrypt_count;
+
+ if (ascii_passwd_updated) {
+ SLOGI("Ascii password was updated");
+ } else {
+ /* Code in else part would execute only once:
+ * When device is upgraded from L->M release.
+ * Once upgraded, code flow should never come here.
+ * L release passed actual password in hex, so try with hex
+ * Each nible of passwd was encoded as a byte, so allocate memory
+ * twice of password len plus one more byte for null termination
+ */
+ if (crypt_ftr->crypt_type == CRYPT_TYPE_DEFAULT) {
+ new_passwd = (char*)malloc(strlen(DEFAULT_HEX_PASSWORD) + 1);
+ if (new_passwd == NULL) {
+ SLOGE("System out of memory. Password verification incomplete");
+ goto out;
+ }
+ strlcpy(new_passwd, DEFAULT_HEX_PASSWORD, strlen(DEFAULT_HEX_PASSWORD) + 1);
+ } else {
+ new_passwd = (char*)malloc(strlen(passwd) * 2 + 1);
+ if (new_passwd == NULL) {
+ SLOGE("System out of memory. Password verification incomplete");
+ goto out;
+ }
+ convert_key_to_hex_ascii_for_upgrade((const unsigned char*)passwd,
+ strlen(passwd), new_passwd);
+ }
+ key_index = set_hw_device_encryption_key((const char*)new_passwd,
+ (char*) crypt_ftr->crypto_type_name);
+ if (key_index >=0) {
+ crypt_ftr->failed_decrypt_count = 0;
+ SLOGI("Hex password verified...will try to update with Ascii value");
+ /* Before updating password, tie that with keymaster to tie with ROT */
+
+ if (get_keymaster_hw_fde_passwd(passwd, newpw,
+ crypt_ftr->salt, crypt_ftr)) {
+ passwd_updated = update_hw_device_encryption_key(new_passwd,
+ passwd, (char*)crypt_ftr->crypto_type_name);
+ } else {
+ passwd_updated = update_hw_device_encryption_key(new_passwd,
+ (const char*)newpw, (char*)crypt_ftr->crypto_type_name);
+ }
+
+ if (passwd_updated >= 0) {
+ crypt_ftr->flags |= CRYPT_ASCII_PASSWORD_UPDATED;
+ SLOGI("Ascii password recorded and updated");
+ } else {
+ SLOGI("Passwd verified, could not update...Will try next time");
+ }
+ } else {
+ ++crypt_ftr->failed_decrypt_count;
+ }
+ free(new_passwd);
+ }
+ } else {
+ if (!ascii_passwd_updated)
+ crypt_ftr->flags |= CRYPT_ASCII_PASSWORD_UPDATED;
+ }
+out:
+ // update footer before leaving
+ put_crypt_ftr_and_key(crypt_ftr);
+ return key_index;
+}
+#endif
+
/* Should we use keymaster? */
static int keymaster_check_compatibility() {
return keymaster_compatibility_cryptfs_scrypt();
@@ -989,6 +1141,171 @@
return 0;
}
+#if defined(CONFIG_HW_DISK_ENCRYPTION) && !defined(CONFIG_HW_DISK_ENCRYPT_PERF)
+#define DM_CRYPT_BUF_SIZE 4096
+
+static void ioctl_init(struct dm_ioctl* io, size_t dataSize, const char* name, unsigned flags) {
+ memset(io, 0, dataSize);
+ io->data_size = dataSize;
+ io->data_start = sizeof(struct dm_ioctl);
+ io->version[0] = 4;
+ io->version[1] = 0;
+ io->version[2] = 0;
+ io->flags = flags;
+ if (name) {
+ strlcpy(io->name, name, sizeof(io->name));
+ }
+}
+
+static int load_crypto_mapping_table(struct crypt_mnt_ftr* crypt_ftr,
+ const unsigned char* master_key, const char* real_blk_name,
+ const char* name, int fd, const char* extra_params) {
+ alignas(struct dm_ioctl) char buffer[DM_CRYPT_BUF_SIZE];
+ struct dm_ioctl* io;
+ struct dm_target_spec* tgt;
+ char* crypt_params;
+ // We need two ASCII characters to represent each byte, and need space for
+ // the '\0' terminator.
+ char master_key_ascii[MAX_KEY_LEN * 2 + 1];
+ size_t buff_offset;
+ int i;
+
+ io = (struct dm_ioctl*)buffer;
+
+ /* Load the mapping table for this device */
+ tgt = (struct dm_target_spec*)&buffer[sizeof(struct dm_ioctl)];
+
+ ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
+ io->target_count = 1;
+ tgt->status = 0;
+ tgt->sector_start = 0;
+ tgt->length = crypt_ftr->fs_size;
+ crypt_params = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec);
+ buff_offset = crypt_params - buffer;
+ SLOGI(
+ "Creating crypto dev \"%s\"; cipher=%s, keysize=%u, real_dev=%s, len=%llu, params=\"%s\"\n",
+ name, crypt_ftr->crypto_type_name, crypt_ftr->keysize, real_blk_name, tgt->length * 512,
+ extra_params);
+ if(is_hw_disk_encryption((char*)crypt_ftr->crypto_type_name)) {
+ strlcpy(tgt->target_type, "req-crypt",DM_MAX_TYPE_NAME);
+ if (is_ice_enabled())
+ convert_key_to_hex_ascii(master_key, sizeof(int), master_key_ascii);
+ else
+ convert_key_to_hex_ascii(master_key, crypt_ftr->keysize, master_key_ascii);
+ }
+ snprintf(crypt_params, sizeof(buffer) - buff_offset, "%s %s 0 %s 0 %s 0",
+ crypt_ftr->crypto_type_name, master_key_ascii,
+ real_blk_name, extra_params);
+
+ SLOGI("target_type = %s", tgt->target_type);
+ SLOGI("real_blk_name = %s, extra_params = %s", real_blk_name, extra_params);
+
+ crypt_params += strlen(crypt_params) + 1;
+ crypt_params =
+ (char*)(((unsigned long)crypt_params + 7) & ~8); /* Align to an 8 byte boundary */
+ tgt->next = crypt_params - buffer;
+
+ for (i = 0; i < TABLE_LOAD_RETRIES; i++) {
+ if (!ioctl(fd, DM_TABLE_LOAD, io)) {
+ break;
+ }
+ usleep(500000);
+ }
+
+ if (i == TABLE_LOAD_RETRIES) {
+ /* We failed to load the table, return an error */
+ return -1;
+ } else {
+ return i + 1;
+ }
+}
+
+static int create_crypto_blk_dev_hw(struct crypt_mnt_ftr* crypt_ftr, const unsigned char* master_key,
+ const char* real_blk_name, char* crypto_blk_name, const char* name,
+ uint32_t flags) {
+ char buffer[DM_CRYPT_BUF_SIZE];
+ struct dm_ioctl* io;
+ unsigned int minor;
+ int fd = 0;
+ int err;
+ int retval = -1;
+ int version[3];
+ int load_count;
+ char encrypted_state[PROPERTY_VALUE_MAX] = {0};
+ char progress[PROPERTY_VALUE_MAX] = {0};
+ const char *extra_params;
+
+ if ((fd = open("/dev/device-mapper", O_RDWR | O_CLOEXEC)) < 0) {
+ SLOGE("Cannot open device-mapper\n");
+ goto errout;
+ }
+
+ io = (struct dm_ioctl*)buffer;
+
+ ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
+ err = ioctl(fd, DM_DEV_CREATE, io);
+ if (err) {
+ SLOGE("Cannot create dm-crypt device %s: %s\n", name, strerror(errno));
+ goto errout;
+ }
+
+ /* Get the device status, in particular, the name of it's device file */
+ ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
+ if (ioctl(fd, DM_DEV_STATUS, io)) {
+ SLOGE("Cannot retrieve dm-crypt device status\n");
+ goto errout;
+ }
+ minor = (io->dev & 0xff) | ((io->dev >> 12) & 0xfff00);
+ snprintf(crypto_blk_name, MAXPATHLEN, "/dev/block/dm-%u", minor);
+
+ if(is_hw_disk_encryption((char*)crypt_ftr->crypto_type_name)) {
+ /* Set fde_enabled if either FDE completed or in-progress */
+ property_get("ro.crypto.state", encrypted_state, ""); /* FDE completed */
+ property_get("vold.encrypt_progress", progress, ""); /* FDE in progress */
+ if (!strcmp(encrypted_state, "encrypted") || strcmp(progress, "")) {
+ if (is_ice_enabled()) {
+ extra_params = "fde_enabled ice allow_encrypt_override";
+ } else {
+ extra_params = "fde_enabled allow_encrypt_override";
+ }
+ } else {
+ extra_params = "fde_enabled allow_encrypt_override";
+ }
+ load_count = load_crypto_mapping_table(crypt_ftr, master_key, real_blk_name, name, fd,
+ extra_params);
+ }
+
+ if (load_count < 0) {
+ SLOGE("Cannot load dm-crypt mapping table.\n");
+ goto errout;
+ } else if (load_count > 1) {
+ SLOGI("Took %d tries to load dmcrypt table.\n", load_count);
+ }
+
+ /* Resume this device to activate it */
+ ioctl_init(io, DM_CRYPT_BUF_SIZE, name, 0);
+
+ if (ioctl(fd, DM_DEV_SUSPEND, io)) {
+ SLOGE("Cannot resume the dm-crypt device\n");
+ goto errout;
+ }
+
+ /* Ensure the dm device has been created before returning. */
+ if (android::vold::WaitForFile(crypto_blk_name, 1s) < 0) {
+ // WaitForFile generates a suitable log message
+ goto errout;
+ }
+
+ /* We made it here with no errors. Woot! */
+ retval = 0;
+
+errout:
+ close(fd); /* If fd is <0 from a failed open call, it's safe to just ignore the close error */
+
+ return retval;
+}
+#endif
+
static int create_crypto_blk_dev(struct crypt_mnt_ftr* crypt_ftr, const unsigned char* master_key,
const char* real_blk_name, char* crypto_blk_name, const char* name,
uint32_t flags) {
@@ -1120,7 +1437,8 @@
static int encrypt_master_key(const char* passwd, const unsigned char* salt,
const unsigned char* decrypted_master_key,
- unsigned char* encrypted_master_key, struct crypt_mnt_ftr* crypt_ftr) {
+ unsigned char* encrypted_master_key, struct crypt_mnt_ftr* crypt_ftr,
+ bool create_keymaster_key) {
unsigned char ikey[INTERMEDIATE_BUF_SIZE] = {0};
EVP_CIPHER_CTX e_ctx;
int encrypted_len, final_len;
@@ -1131,7 +1449,7 @@
switch (crypt_ftr->kdf_type) {
case KDF_SCRYPT_KEYMASTER:
- if (keymaster_create_key(crypt_ftr)) {
+ if (create_keymaster_key && keymaster_create_key(crypt_ftr)) {
SLOGE("keymaster_create_key failed");
return -1;
}
@@ -1295,12 +1613,12 @@
}
/* Now encrypt it with the password */
- return encrypt_master_key(passwd, salt, key_buf, master_key, crypt_ftr);
+ return encrypt_master_key(passwd, salt, key_buf, master_key, crypt_ftr, true);
}
int wait_and_unmount(const char* mountpoint, bool kill) {
int i, err, rc;
-#define WAIT_UNMOUNT_COUNT 20
+#define WAIT_UNMOUNT_COUNT 200
/* Now umount the tmpfs filesystem */
for (i = 0; i < WAIT_UNMOUNT_COUNT; i++) {
@@ -1317,18 +1635,18 @@
err = errno;
- /* If allowed, be increasingly aggressive before the last two retries */
+ /* If allowed, be increasingly aggressive before the last 2 seconds */
if (kill) {
- if (i == (WAIT_UNMOUNT_COUNT - 3)) {
+ if (i == (WAIT_UNMOUNT_COUNT - 30)) {
SLOGW("sending SIGHUP to processes with open files\n");
android::vold::KillProcessesWithOpenFiles(mountpoint, SIGTERM);
- } else if (i == (WAIT_UNMOUNT_COUNT - 2)) {
+ } else if (i == (WAIT_UNMOUNT_COUNT - 20)) {
SLOGW("sending SIGKILL to processes with open files\n");
android::vold::KillProcessesWithOpenFiles(mountpoint, SIGKILL);
}
}
- sleep(1);
+ usleep(100000);
}
if (i < WAIT_UNMOUNT_COUNT) {
@@ -1394,7 +1712,10 @@
/* returns < 0 on failure */
static int cryptfs_restart_internal(int restart_main) {
- char crypto_blkdev[MAXPATHLEN];
+ std::string crypto_blkdev;
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ std::string blkdev;
+#endif
int rc = -1;
static int restart_successful = 0;
@@ -1453,13 +1774,32 @@
* the tmpfs filesystem, and mount the real one.
*/
- property_get("ro.crypto.fs_crypto_blkdev", crypto_blkdev, "");
- if (strlen(crypto_blkdev) == 0) {
+#if defined(CONFIG_HW_DISK_ENCRYPTION)
+#if defined(CONFIG_HW_DISK_ENCRYPT_PERF)
+ if (is_ice_enabled()) {
+ get_crypt_info(nullptr, &blkdev);
+ if (set_ice_param(START_ENCDEC)) {
+ SLOGE("Failed to set ICE data");
+ return -1;
+ }
+ }
+#else
+ blkdev = android::base::GetProperty("ro.crypto.fs_crypto_blkdev", "");
+ if (blkdev.empty()) {
+ SLOGE("fs_crypto_blkdev not set\n");
+ return -1;
+ }
+ if (!(rc = wait_and_unmount(DATA_MNT_POINT, true))) {
+#endif
+#else
+ crypto_blkdev = android::base::GetProperty("ro.crypto.fs_crypto_blkdev", "");
+ if (crypto_blkdev.empty()) {
SLOGE("fs_crypto_blkdev not set\n");
return -1;
}
if (!(rc = wait_and_unmount(DATA_MNT_POINT, true))) {
+#endif
/* If ro.crypto.readonly is set to 1, mount the decrypted
* filesystem readonly. This is used when /data is mounted by
* recovery mode.
@@ -1486,13 +1826,22 @@
return -1;
}
bool needs_cp = android::vold::cp_needsCheckpoint();
- while ((mount_rc = fs_mgr_do_mount(&fstab_default, DATA_MNT_POINT, crypto_blkdev, 0,
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ while ((mount_rc = fs_mgr_do_mount(&fstab_default, DATA_MNT_POINT, blkdev.data(), 0,
needs_cp)) != 0) {
+#else
+ while ((mount_rc = fs_mgr_do_mount(&fstab_default, DATA_MNT_POINT, crypto_blkdev.data(), 0,
+ needs_cp)) != 0) {
+#endif
if (mount_rc == FS_MGR_DOMNT_BUSY) {
/* TODO: invoke something similar to
Process::killProcessWithOpenFiles(DATA_MNT_POINT,
retries > RETRY_MOUNT_ATTEMPT/2 ? 1 : 2 ) */
- SLOGI("Failed to mount %s because it is busy - waiting", crypto_blkdev);
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ SLOGI("Failed to mount %s because it is busy - waiting", blkdev.c_str());
+#else
+ SLOGI("Failed to mount %s because it is busy - waiting", crypto_blkdev.c_str());
+#endif
if (--retries) {
sleep(RETRY_MOUNT_DELAY_SECONDS);
} else {
@@ -1501,6 +1850,17 @@
cryptfs_reboot(RebootType::reboot);
}
} else {
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ if (--retries) {
+ sleep(RETRY_MOUNT_DELAY_SECONDS);
+ } else {
+ SLOGE("Failed to mount decrypted data");
+ cryptfs_set_corrupt();
+ cryptfs_trigger_restart_min_framework();
+ SLOGI("Started framework to offer wipe");
+ return -1;
+ }
+#else
SLOGE("Failed to mount decrypted data");
cryptfs_set_corrupt();
cryptfs_trigger_restart_min_framework();
@@ -1509,6 +1869,7 @@
SLOGE("Failed to setexeccon");
}
return -1;
+#endif
}
}
if (setexeccon(NULL)) {
@@ -1526,7 +1887,9 @@
/* Give it a few moments to get started */
sleep(1);
+#ifndef CONFIG_HW_DISK_ENCRYPT_PERF
}
+#endif
if (rc == 0) {
restart_successful = 1;
@@ -1601,6 +1964,70 @@
return CRYPTO_COMPLETE_ENCRYPTED;
}
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+static int test_mount_hw_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr,
+ const char *passwd, const char *mount_point, const char *label)
+{
+ /* Allocate enough space for a 256 bit key, but we may use less */
+ unsigned char decrypted_master_key[32];
+ char crypto_blkdev[MAXPATHLEN];
+ std::string real_blkdev;
+ unsigned int orig_failed_decrypt_count;
+ int rc = 0;
+
+ SLOGD("crypt_ftr->fs_size = %lld\n", crypt_ftr->fs_size);
+ orig_failed_decrypt_count = crypt_ftr->failed_decrypt_count;
+
+ get_crypt_info(nullptr, &real_blkdev);
+
+ int key_index = 0;
+ if(is_hw_disk_encryption((char*)crypt_ftr->crypto_type_name)) {
+ key_index = verify_and_update_hw_fde_passwd(passwd, crypt_ftr);
+ if (key_index < 0) {
+ rc = crypt_ftr->failed_decrypt_count;
+ goto errout;
+ }
+ else {
+ if (is_ice_enabled()) {
+#ifndef CONFIG_HW_DISK_ENCRYPT_PERF
+ if (create_crypto_blk_dev_hw(crypt_ftr, (unsigned char*)&key_index,
+ real_blkdev.c_str(), crypto_blkdev, label, 0)) {
+ SLOGE("Error creating decrypted block device");
+ rc = -1;
+ goto errout;
+ }
+#endif
+ } else {
+ if (create_crypto_blk_dev(crypt_ftr, decrypted_master_key,
+ real_blkdev.c_str(), crypto_blkdev, label, 0)) {
+ SLOGE("Error creating decrypted block device");
+ rc = -1;
+ goto errout;
+ }
+ }
+ }
+ }
+
+ if (rc == 0) {
+ crypt_ftr->failed_decrypt_count = 0;
+ if (orig_failed_decrypt_count != 0) {
+ put_crypt_ftr_and_key(crypt_ftr);
+ }
+
+ /* Save the name of the crypto block device
+ * so we can mount it when restarting the framework. */
+#ifdef CONFIG_HW_DISK_ENCRYPT_PERF
+ if (!is_ice_enabled())
+#endif
+ property_set("ro.crypto.fs_crypto_blkdev", crypto_blkdev);
+ master_key_saved = 1;
+ }
+
+ errout:
+ return rc;
+}
+#endif
+
static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr, const char* passwd,
const char* mount_point, const char* label) {
unsigned char decrypted_master_key[MAX_KEY_LEN];
@@ -1703,7 +2130,7 @@
if (upgrade) {
rc = encrypt_master_key(passwd, crypt_ftr->salt, saved_master_key,
- crypt_ftr->master_key, crypt_ftr);
+ crypt_ftr->master_key, crypt_ftr, true);
if (!rc) {
rc = put_crypt_ftr_and_key(crypt_ftr);
}
@@ -1791,6 +2218,66 @@
return 0;
}
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+int cryptfs_check_passwd_hw(const char* passwd)
+{
+ struct crypt_mnt_ftr crypt_ftr;
+ int rc;
+ unsigned char master_key[KEY_LEN_BYTES];
+
+ /* get key */
+ if (get_crypt_ftr_and_key(&crypt_ftr)) {
+ SLOGE("Error getting crypt footer and key");
+ return -1;
+ }
+
+ /*
+ * in case of manual encryption (from GUI), the encryption is done with
+ * default password
+ */
+ if (crypt_ftr.flags & CRYPT_FORCE_COMPLETE) {
+ /* compare scrypted_intermediate_key with stored scrypted_intermediate_key
+ * which was created with actual password before reboot.
+ */
+ rc = cryptfs_get_master_key(&crypt_ftr, passwd, master_key);
+ if (rc) {
+ SLOGE("password doesn't match");
+ rc = ++crypt_ftr.failed_decrypt_count;
+ put_crypt_ftr_and_key(&crypt_ftr);
+ return rc;
+ }
+
+ rc = test_mount_hw_encrypted_fs(&crypt_ftr, DEFAULT_PASSWORD,
+ DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
+
+ if (rc) {
+ SLOGE("Default password did not match on reboot encryption");
+ return rc;
+ }
+
+ crypt_ftr.flags &= ~CRYPT_FORCE_COMPLETE;
+ put_crypt_ftr_and_key(&crypt_ftr);
+ rc = cryptfs_changepw(crypt_ftr.crypt_type, DEFAULT_PASSWORD, passwd);
+ if (rc) {
+ SLOGE("Could not change password on reboot encryption");
+ return rc;
+ }
+ } else
+ rc = test_mount_hw_encrypted_fs(&crypt_ftr, passwd,
+ DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
+
+ if (crypt_ftr.crypt_type != CRYPT_TYPE_DEFAULT) {
+ cryptfs_clear_password();
+ password = strdup(passwd);
+ struct timespec now;
+ clock_gettime(CLOCK_BOOTTIME, &now);
+ password_expiry_time = now.tv_sec + password_max_age_seconds;
+ }
+
+ return rc;
+}
+#endif
+
int cryptfs_check_passwd(const char* passwd) {
SLOGI("cryptfs_check_passwd");
if (fscrypt_is_native()) {
@@ -1807,6 +2294,11 @@
return rc;
}
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ if (is_hw_disk_encryption((char*)crypt_ftr.crypto_type_name))
+ return cryptfs_check_passwd_hw(passwd);
+#endif
+
rc = test_mount_encrypted_fs(&crypt_ftr, passwd, DATA_MNT_POINT, CRYPTO_BLOCK_DEVICE);
if (rc) {
SLOGE("Password did not match");
@@ -1828,7 +2320,7 @@
crypt_ftr.flags &= ~CRYPT_FORCE_COMPLETE;
put_crypt_ftr_and_key(&crypt_ftr);
- rc = cryptfs_changepw(crypt_ftr.crypt_type, passwd);
+ rc = cryptfs_changepw(crypt_ftr.crypt_type, DEFAULT_PASSWORD, passwd);
if (rc) {
SLOGE("Could not change password on reboot encryption");
return rc;
@@ -1877,6 +2369,24 @@
/* If the device has no password, then just say the password is valid */
rc = 0;
} else {
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ if(is_hw_disk_encryption((char*)crypt_ftr.crypto_type_name)) {
+ if (verify_hw_fde_passwd(passwd, &crypt_ftr) >= 0)
+ rc = 0;
+ else
+ rc = -1;
+ } else {
+ decrypt_master_key(passwd, decrypted_master_key, &crypt_ftr, 0, 0);
+ if (!memcmp(decrypted_master_key, saved_master_key, crypt_ftr.keysize)) {
+ /* They match, the password is correct */
+ rc = 0;
+ } else {
+ /* If incorrect, sleep for a bit to prevent dictionary attacks */
+ sleep(1);
+ rc = 1;
+ }
+ }
+#else
decrypt_master_key(passwd, decrypted_master_key, &crypt_ftr, 0, 0);
if (!memcmp(decrypted_master_key, saved_master_key, crypt_ftr.keysize)) {
/* They match, the password is correct */
@@ -1886,6 +2396,7 @@
sleep(1);
rc = 1;
}
+#endif
}
return rc;
@@ -2007,6 +2518,11 @@
off64_t previously_encrypted_upto = 0;
bool rebootEncryption = false;
bool onlyCreateHeader = false;
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ unsigned char newpw[32];
+ int key_index = 0;
+#endif
+ int index = 0;
std::unique_ptr<android::wakelock::WakeLock> wakeLock = nullptr;
if (get_crypt_ftr_and_key(&crypt_ftr) == 0) {
@@ -2148,8 +2664,13 @@
crypt_ftr.flags |= CRYPT_INCONSISTENT_STATE;
}
crypt_ftr.crypt_type = crypt_type;
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ strlcpy((char*)crypt_ftr.crypto_type_name, "aes-xts",
+ MAX_CRYPTO_TYPE_NAME_LEN);
+#else
strlcpy((char*)crypt_ftr.crypto_type_name, cryptfs_get_crypto_name(),
MAX_CRYPTO_TYPE_NAME_LEN);
+#endif
/* Make an encrypted master key */
if (create_encrypted_random_key(onlyCreateHeader ? DEFAULT_PASSWORD : passwd,
@@ -2164,7 +2685,7 @@
unsigned char encrypted_fake_master_key[MAX_KEY_LEN];
memset(fake_master_key, 0, sizeof(fake_master_key));
encrypt_master_key(passwd, crypt_ftr.salt, fake_master_key, encrypted_fake_master_key,
- &crypt_ftr);
+ &crypt_ftr, true);
}
/* Write the key to the end of the partition */
@@ -2185,12 +2706,57 @@
}
}
+ /* When encryption triggered from settings, encryption starts after reboot.
+ So set the encryption key when the actual encryption starts.
+ */
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ if (previously_encrypted_upto == 0) {
+ if (!rebootEncryption)
+ clear_hw_device_encryption_key();
+
+ if (get_keymaster_hw_fde_passwd(
+ onlyCreateHeader ? DEFAULT_PASSWORD : passwd,
+ newpw, crypt_ftr.salt, &crypt_ftr))
+ key_index = set_hw_device_encryption_key(
+ onlyCreateHeader ? DEFAULT_PASSWORD : passwd,
+ (char*)crypt_ftr.crypto_type_name);
+ else
+ key_index = set_hw_device_encryption_key((const char*)newpw,
+ (char*) crypt_ftr.crypto_type_name);
+ if (key_index < 0)
+ goto error_shutting_down;
+
+ crypt_ftr.flags |= CRYPT_ASCII_PASSWORD_UPDATED;
+ put_crypt_ftr_and_key(&crypt_ftr);
+ }
+#endif
+
if (onlyCreateHeader) {
sleep(2);
cryptfs_reboot(RebootType::reboot);
- }
+ } else {
+ /* Do extra work for a better UX when doing the long inplace encryption */
+ /* Now that /data is unmounted, we need to mount a tmpfs
+ * /data, set a property saying we're doing inplace encryption,
+ * and restart the framework.
+ */
+ if (fs_mgr_do_tmpfs_mount(DATA_MNT_POINT)) {
+ goto error_shutting_down;
+ }
+ /* Tells the framework that inplace encryption is starting */
+ property_set("vold.encrypt_progress", "0");
- if (!no_ui || rebootEncryption) {
+ /* restart the framework. */
+ /* Create necessary paths on /data */
+ prep_data_fs();
+
+ /* Ugh, shutting down the framework is not synchronous, so until it
+ * can be fixed, this horrible hack will wait a moment for it all to
+ * shut down before proceeding. Without it, some devices cannot
+ * restart the graphics services.
+ */
+ sleep(2);
+
/* startup service classes main and late_start */
property_set("vold.decrypt", "trigger_restart_min_framework");
SLOGD("Just triggered restart_min_framework\n");
@@ -2203,13 +2769,32 @@
}
decrypt_master_key(passwd, decrypted_master_key, &crypt_ftr, 0, 0);
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ if (is_hw_disk_encryption((char*)crypt_ftr.crypto_type_name) && is_ice_enabled())
+#ifdef CONFIG_HW_DISK_ENCRYPT_PERF
+ strlcpy(crypto_blkdev, real_blkdev.c_str(), sizeof(crypto_blkdev));
+#else
+ create_crypto_blk_dev_hw(&crypt_ftr, (unsigned char*)&key_index, real_blkdev.c_str(), crypto_blkdev,
+ CRYPTO_BLOCK_DEVICE, 0);
+#endif
+ else
+ create_crypto_blk_dev(&crypt_ftr, decrypted_master_key, real_blkdev.c_str(), crypto_blkdev,
+ CRYPTO_BLOCK_DEVICE, 0);
+#else
create_crypto_blk_dev(&crypt_ftr, decrypted_master_key, real_blkdev.c_str(), crypto_blkdev,
CRYPTO_BLOCK_DEVICE, 0);
+#endif
/* If we are continuing, check checksums match */
rc = 0;
if (previously_encrypted_upto) {
__le8 hash_first_block[SHA256_DIGEST_LENGTH];
+#if defined(CONFIG_HW_DISK_ENCRYPTION) && defined(CONFIG_HW_DISK_ENCRYPT_PERF)
+ if (set_ice_param(START_ENCDEC)) {
+ SLOGE("Failed to set ICE data");
+ goto error_shutting_down;
+ }
+#endif
rc = cryptfs_SHA256_fileblock(crypto_blkdev, hash_first_block);
if (!rc &&
@@ -2219,11 +2804,23 @@
}
}
+#if defined(CONFIG_HW_DISK_ENCRYPTION) && defined(CONFIG_HW_DISK_ENCRYPT_PERF)
+ if (set_ice_param(START_ENC)) {
+ SLOGE("Failed to set ICE data");
+ goto error_shutting_down;
+ }
+#endif
if (!rc) {
rc = cryptfs_enable_all_volumes(&crypt_ftr, crypto_blkdev, real_blkdev.data(),
previously_encrypted_upto);
}
+#if defined(CONFIG_HW_DISK_ENCRYPTION) && defined(CONFIG_HW_DISK_ENCRYPT_PERF)
+ if (set_ice_param(START_ENCDEC)) {
+ SLOGE("Failed to set ICE data");
+ goto error_shutting_down;
+ }
+#endif
/* Calculate checksum if we are not finished */
if (!rc && crypt_ftr.encrypted_upto != crypt_ftr.fs_size) {
rc = cryptfs_SHA256_fileblock(crypto_blkdev, crypt_ftr.hash_first_block);
@@ -2234,7 +2831,12 @@
}
/* Undo the dm-crypt mapping whether we succeed or not */
+#if defined(CONFIG_HW_DISK_ENCRYPTION) && defined(CONFIG_HW_DISK_ENCRYPT_PERF)
+ if (!is_ice_enabled())
+ delete_crypto_blk_dev(CRYPTO_BLOCK_DEVICE);
+#else
delete_crypto_blk_dev(CRYPTO_BLOCK_DEVICE);
+#endif
if (!rc) {
/* Success */
@@ -2330,7 +2932,7 @@
return cryptfs_enable_internal(CRYPT_TYPE_DEFAULT, DEFAULT_PASSWORD, no_ui);
}
-int cryptfs_changepw(int crypt_type, const char* newpw) {
+int cryptfs_changepw(int crypt_type, const char* currentpw, const char* newpw) {
if (fscrypt_is_native()) {
SLOGE("cryptfs_changepw not valid for file encryption");
return -1;
@@ -2356,10 +2958,33 @@
return -1;
}
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+ if(is_hw_disk_encryption((char*)crypt_ftr.crypto_type_name))
+ return cryptfs_changepw_hw_fde(crypt_type, currentpw, newpw);
+ else {
+ crypt_ftr.crypt_type = crypt_type;
+
+ rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ?
+ DEFAULT_PASSWORD : newpw,
+ crypt_ftr.salt,
+ saved_master_key,
+ crypt_ftr.master_key,
+ &crypt_ftr, false);
+ if (rc) {
+ SLOGE("Encrypt master key failed: %d", rc);
+ return -1;
+ }
+ /* save the key */
+ put_crypt_ftr_and_key(&crypt_ftr);
+
+ return 0;
+ }
+#else
crypt_ftr.crypt_type = crypt_type;
rc = encrypt_master_key(crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD : newpw,
- crypt_ftr.salt, saved_master_key, crypt_ftr.master_key, &crypt_ftr);
+ crypt_ftr.salt, saved_master_key, crypt_ftr.master_key, &crypt_ftr,
+ false);
if (rc) {
SLOGE("Encrypt master key failed: %d", rc);
return -1;
@@ -2368,8 +2993,57 @@
put_crypt_ftr_and_key(&crypt_ftr);
return 0;
+#endif
}
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+int cryptfs_changepw_hw_fde(int crypt_type, const char *currentpw, const char *newpw)
+{
+ struct crypt_mnt_ftr crypt_ftr;
+ int rc;
+ int previous_type;
+
+ /* get key */
+ if (get_crypt_ftr_and_key(&crypt_ftr)) {
+ SLOGE("Error getting crypt footer and key");
+ return -1;
+ }
+
+ previous_type = crypt_ftr.crypt_type;
+ int rc1;
+ unsigned char tmp_curpw[32] = {0};
+ rc1 = get_keymaster_hw_fde_passwd(crypt_ftr.crypt_type == CRYPT_TYPE_DEFAULT ?
+ DEFAULT_PASSWORD : currentpw, tmp_curpw,
+ crypt_ftr.salt, &crypt_ftr);
+
+ crypt_ftr.crypt_type = crypt_type;
+
+ int ret, rc2;
+ unsigned char tmp_newpw[32] = {0};
+
+ rc2 = get_keymaster_hw_fde_passwd(crypt_type == CRYPT_TYPE_DEFAULT ?
+ DEFAULT_PASSWORD : newpw , tmp_newpw,
+ crypt_ftr.salt, &crypt_ftr);
+
+ if (is_hw_disk_encryption((char*)crypt_ftr.crypto_type_name)) {
+ ret = update_hw_device_encryption_key(
+ rc1 ? (previous_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD : currentpw) : (const char*)tmp_curpw,
+ rc2 ? (crypt_type == CRYPT_TYPE_DEFAULT ? DEFAULT_PASSWORD : newpw): (const char*)tmp_newpw,
+ (char*)crypt_ftr.crypto_type_name);
+ if (ret) {
+ SLOGE("Error updating device encryption hardware key ret %d", ret);
+ return -1;
+ } else {
+ SLOGI("Encryption hardware key updated");
+ }
+ }
+
+ /* save the key */
+ put_crypt_ftr_and_key(&crypt_ftr);
+ return 0;
+}
+#endif
+
static unsigned int persist_get_max_entries(int encrypted) {
struct crypt_mnt_ftr crypt_ftr;
unsigned int dsize;
@@ -2761,3 +3435,62 @@
auto entry = GetEntryForMountPoint(&fstab_default, DATA_MNT_POINT);
return entry && entry->fs_mgr_flags.force_fde_or_fbe;
}
+
+int cryptfs_create_default_ftr(struct crypt_mnt_ftr* crypt_ftr, __attribute__((unused))int key_length)
+{
+ if (cryptfs_init_crypt_mnt_ftr(crypt_ftr)) {
+ SLOGE("Failed to initialize crypt_ftr");
+ return -1;
+ }
+
+ if (create_encrypted_random_key(DEFAULT_PASSWORD, crypt_ftr->master_key,
+ crypt_ftr->salt, crypt_ftr)) {
+ SLOGE("Cannot create encrypted master key\n");
+ return -1;
+ }
+
+ //crypt_ftr->keysize = key_length / 8;
+ return 0;
+}
+
+int cryptfs_get_master_key(struct crypt_mnt_ftr* ftr, const char* password,
+ unsigned char* master_key)
+{
+ int rc;
+
+ unsigned char* intermediate_key = 0;
+ size_t intermediate_key_size = 0;
+
+ if (password == 0 || *password == 0) {
+ password = DEFAULT_PASSWORD;
+ }
+
+ rc = decrypt_master_key(password, master_key, ftr, &intermediate_key,
+ &intermediate_key_size);
+
+ if (rc) {
+ SLOGE("Can't calculate intermediate key");
+ return rc;
+ }
+
+ int N = 1 << ftr->N_factor;
+ int r = 1 << ftr->r_factor;
+ int p = 1 << ftr->p_factor;
+
+ unsigned char scrypted_intermediate_key[sizeof(ftr->scrypted_intermediate_key)];
+
+ rc = crypto_scrypt(intermediate_key, intermediate_key_size,
+ ftr->salt, sizeof(ftr->salt), N, r, p,
+ scrypted_intermediate_key,
+ sizeof(scrypted_intermediate_key));
+
+ free(intermediate_key);
+
+ if (rc) {
+ SLOGE("Can't scrypt intermediate key");
+ return rc;
+ }
+
+ return memcmp(scrypted_intermediate_key, ftr->scrypted_intermediate_key,
+ intermediate_key_size);
+}
diff --git a/cryptfs.h b/cryptfs.h
index 692d7ee..8574d90 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -73,6 +73,14 @@
complete. On next cryptkeeper entry, match \
the password. If it matches fix the master \
key and remove this flag. */
+#ifdef CONFIG_HW_DISK_ENCRYPTION
+/* This flag is used to transition from L->M upgrade. L release passed
+ * a byte for every nible of user password while M release is passing
+ * ascii value of user password.
+ * Random flag value is chosen so that it does not conflict with other use cases
+ */
+#define CRYPT_ASCII_PASSWORD_UPDATED 0x1000
+#endif
/* Allowed values for type in the structure below */
#define CRYPT_TYPE_PASSWORD \
@@ -200,6 +208,7 @@
};
#define DATA_MNT_POINT "/data"
+#define METADATA_MNT_POINT "/metadata"
/* Return values for cryptfs_crypto_complete */
#define CRYPTO_COMPLETE_NOT_ENCRYPTED 1
@@ -242,7 +251,7 @@
int cryptfs_verify_passwd(const char* pw);
int cryptfs_restart(void);
int cryptfs_enable(int type, const char* passwd, int no_ui);
-int cryptfs_changepw(int type, const char* newpw);
+int cryptfs_changepw(int type, const char* currentpw, const char* newpw);
int cryptfs_enable_default(int no_ui);
int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev, const unsigned char* key,
char* out_crypto_blkdev);
diff --git a/model/Disk.cpp b/model/Disk.cpp
index b66c336..e10e251 100644
--- a/model/Disk.cpp
+++ b/model/Disk.cpp
@@ -21,6 +21,7 @@
#include "Utils.h"
#include "VolumeBase.h"
#include "VolumeManager.h"
+#include "KeyStorage.h"
#include <android-base/file.h>
#include <android-base/logging.h>
@@ -42,9 +43,13 @@
#include <sys/types.h>
#include <vector>
+#define MAX_USER_ID 0xFFFFFFFF
+constexpr int FS_AES_256_XTS_KEY_SIZE = 64;
+
using android::base::ReadFileToString;
using android::base::StringPrintf;
using android::base::WriteStringToFile;
+using android::hardware::keymaster::V4_0::KeyFormat;
namespace android {
namespace vold {
@@ -214,9 +219,25 @@
return;
}
+ if (is_ice_supported_external(mFlags)) {
+ if (is_metadata_wrapped_key_supported()) {
+ KeyBuffer ephemeral_wrapped_key;
+ KeyBuffer key_buf = KeyBuffer(keyRaw.size());
+ memcpy(reinterpret_cast<void*>(key_buf.data()), keyRaw.c_str(),
+ keyRaw.size());
+ if (!getEphemeralWrappedKey(KeyFormat::RAW, key_buf,
+ &ephemeral_wrapped_key)) {
+ return;
+ }
+ keyRaw = std::string(ephemeral_wrapped_key.data(),
+ ephemeral_wrapped_key.size());
+ }
+ }
+
LOG(DEBUG) << "Found key for GUID " << normalizedGuid;
- auto vol = std::shared_ptr<VolumeBase>(new PrivateVolume(device, keyRaw));
+ auto vol = std::shared_ptr<VolumeBase>(new PrivateVolume(device, keyRaw,
+ mFlags));
if (mJustPartitioned) {
LOG(DEBUG) << "Device just partitioned; silently formatting";
vol->setSilent(true);
@@ -505,9 +526,25 @@
}
std::string keyRaw;
- if (ReadRandomBytes(cryptfs_get_keysize(), keyRaw) != OK) {
- LOG(ERROR) << "Failed to generate key";
- return -EIO;
+
+ if (is_ice_supported_external(mFlags)) {
+ if (is_metadata_wrapped_key_supported()) {
+ KeyBuffer key_buf;
+ if (!generateWrappedKey(MAX_USER_ID, android::vold::KeyType::ME,
+ &key_buf))
+ return -EIO;
+ keyRaw = std::string(key_buf.data(), key_buf.size());
+ } else {
+ if (ReadRandomBytes(FS_AES_256_XTS_KEY_SIZE, keyRaw) != OK) {
+ LOG(ERROR) << "Failed to generate key";
+ return -EIO;
+ }
+ }
+ } else {
+ if (ReadRandomBytes(cryptfs_get_keysize(), keyRaw) != OK) {
+ LOG(ERROR) << "Failed to generate key";
+ return -EIO;
+ }
}
std::string partGuid;
diff --git a/model/Disk.h b/model/Disk.h
index 889e906..13168e5 100644
--- a/model/Disk.h
+++ b/model/Disk.h
@@ -52,6 +52,8 @@
kUsb = 1 << 3,
/* Flag that disk is EMMC internal */
kEmmc = 1 << 4,
+ /* Flag that disk is UFS Card */
+ kUfsCard = 1 << 5,
};
const std::string& getId() const { return mId; }
diff --git a/model/PrivateVolume.cpp b/model/PrivateVolume.cpp
index 5098e5d..3ae9ca5 100644
--- a/model/PrivateVolume.cpp
+++ b/model/PrivateVolume.cpp
@@ -21,6 +21,8 @@
#include "cryptfs.h"
#include "fs/Ext4.h"
#include "fs/F2fs.h"
+#include "MetadataCrypt.h"
+#include "FsCrypt.h"
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
@@ -36,6 +38,11 @@
#include <sys/types.h>
#include <sys/wait.h>
+#define RETRY_MOUNT_ATTEMPTS 10
+#define RETRY_MOUNT_DELAY_SECONDS 1
+
+constexpr int FS_AES_256_XTS_KEY_SIZE = 64;
+
using android::base::StringPrintf;
namespace android {
@@ -43,8 +50,9 @@
static const unsigned int kMajorBlockMmc = 179;
-PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw)
- : VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
+PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw, int flags)
+ : VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw),
+ mDiskFlags(flags) {
setId(StringPrintf("private:%u,%u", major(device), minor(device)));
mRawDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
}
@@ -64,10 +72,19 @@
if (CreateDeviceNode(mRawDevPath, mRawDevice)) {
return -EIO;
}
- if (mKeyRaw.size() != cryptfs_get_keysize()) {
- PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size()
- << " does not match crypt keysize " << cryptfs_get_keysize();
- return -EIO;
+
+ if (is_ice_supported_external(mDiskFlags)) {
+ if (mKeyRaw.size() != FS_AES_256_XTS_KEY_SIZE) {
+ PLOG(ERROR) << getId() << " Keysize " << mKeyRaw.size()
+ << " does not match AES XTS keysize " << FS_AES_256_XTS_KEY_SIZE;
+ return -EIO;
+ }
+ } else {
+ if (mKeyRaw.size() != cryptfs_get_keysize()) {
+ PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size()
+ << " does not match crypt keysize " << cryptfs_get_keysize();
+ return -EIO;
+ }
}
// Recover from stale vold by tearing down any old mappings
@@ -77,13 +94,41 @@
unsigned char* key = (unsigned char*)mKeyRaw.data();
char crypto_blkdev[MAXPATHLEN];
- int res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(), key, crypto_blkdev);
- mDmDevPath = crypto_blkdev;
+ int res = 0;
+
+ if (is_ice_supported_external(mDiskFlags))
+ res = fscrypt_setup_ufscard_volume (getId(), mRawDevPath, mKeyRaw, mDmDevPath);
+ else {
+ res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(),
+ key, crypto_blkdev);
+ mDmDevPath = crypto_blkdev;
+ }
+
if (res != 0) {
PLOG(ERROR) << getId() << " failed to setup cryptfs";
return -EIO;
}
+ int fd = 0;
+ int retries = RETRY_MOUNT_ATTEMPTS;
+ while ((fd = open(mDmDevPath.c_str(), O_WRONLY|O_CLOEXEC)) < 0) {
+ if (retries > 0) {
+ retries--;
+ PLOG(ERROR) << "Error opening crypto_blkdev " << mDmDevPath.c_str()
+ << " for private volume. err=" << errno
+ << "(" << strerror(errno) << "), retrying for the "
+ << RETRY_MOUNT_ATTEMPTS - retries << " time";
+ sleep(RETRY_MOUNT_DELAY_SECONDS);
+ } else {
+ PLOG(ERROR) << "Error opening crypto_blkdev " << mDmDevPath.c_str()
+ << " for private volume. err=" << errno
+ << "(" << strerror(errno) << "), retried "
+ << RETRY_MOUNT_ATTEMPTS << " times";
+ close(fd);
+ return -EIO;
+ }
+ }
+ close(fd);
return OK;
}
@@ -186,7 +231,10 @@
if (fsType == "auto") {
// For now, assume that all MMC devices are flash-based SD cards, and
// give everyone else ext4 because sysfs rotational isn't reliable.
- if ((major(mRawDevice) == kMajorBlockMmc) && f2fs::IsSupported()) {
+ if (((major(mRawDevice) == kMajorBlockMmc) ||
+ ((mDiskFlags & android::vold::Disk::Flags::kUfsCard) ==
+ android::vold::Disk::Flags::kUfsCard)) &&
+ f2fs::IsSupported()) {
resolvedFsType = "f2fs";
} else {
resolvedFsType = "ext4";
diff --git a/model/PrivateVolume.h b/model/PrivateVolume.h
index 656172f..f00e8a0 100644
--- a/model/PrivateVolume.h
+++ b/model/PrivateVolume.h
@@ -37,7 +37,7 @@
*/
class PrivateVolume : public VolumeBase {
public:
- PrivateVolume(dev_t device, const std::string& keyRaw);
+ PrivateVolume(dev_t device, const std::string& keyRaw, int flags);
virtual ~PrivateVolume();
const std::string& getFsType() const { return mFsType; };
const std::string& getRawDevPath() const { return mRawDevPath; };
@@ -66,7 +66,8 @@
/* Encryption key as raw bytes */
std::string mKeyRaw;
-
+ /* Flags associated with corresponding disk */
+ int mDiskFlags;
/* Filesystem type */
std::string mFsType;
/* Filesystem UUID */