Revert "system: vold: Use ICE for UFS card"
This reverts commit 38cbb94341fb03d556477468457cee0848437a82.
CRs-Fixed: 2609414
Change-Id: Ib282a50d6d5a6737f5d6e3cfb8f2efb6e7b32e3a
diff --git a/FsCrypt.cpp b/FsCrypt.cpp
index 0d4f02e..183878a 100644
--- a/FsCrypt.cpp
+++ b/FsCrypt.cpp
@@ -21,7 +21,6 @@
#include "KeyUtil.h"
#include "Utils.h"
#include "VoldUtil.h"
-#include "model/Disk.h"
#include <algorithm>
#include <map>
@@ -222,8 +221,7 @@
// Retrieve the options to use for encryption policies on adoptable storage.
static bool get_volume_file_encryption_options(EncryptionOptions* options, int flags) {
auto contents_mode =
- android::base::GetProperty("ro.crypto.volume.contents_mode",
- is_ice_supported_external(flags) ? "ice" : "aes-256-xts");
+ android::base::GetProperty("ro.crypto.volume.contents_mode", "aes-256-xts");
auto filenames_mode =
android::base::GetProperty("ro.crypto.volume.filenames_mode", "aes-256-heh");
return ParseOptions(android::base::GetProperty("ro.crypto.volume.options",
@@ -241,24 +239,11 @@
return android::vold::evictKey(DATA_MNT_POINT, raw_ref, get_data_file_policy_version());
}
-bool is_ice_supported_external(int flags) {
- /*
- * Logic can be changed when more card controllers start supporting ICE.
- * Until then, checking only for UFS card.
- */
- if ((flags & android::vold::Disk::Flags::kUfsCard) ==
- android::vold::Disk::Flags::kUfsCard)
- return true;
- return false;
-}
-
bool is_wrapped_key_supported() {
return GetEntryForMountPoint(&fstab_default, DATA_MNT_POINT)->fs_mgr_flags.wrapped_key;
}
-bool is_wrapped_key_supported_external(int flags) {
- if (is_ice_supported_external(flags))
- return GetEntryForMountPoint(&fstab_default, DATA_MNT_POINT)->fs_mgr_flags.wrapped_key;
+static bool is_wrapped_key_supported_external() {
return false;
}
@@ -676,7 +661,7 @@
android::vold::KeyAuthentication auth("", secdiscardable_hash);
if (!get_volume_file_encryption_options(&policy->options, flags)) return false;
- wrapped_key_supported = is_wrapped_key_supported_external(flags);
+ wrapped_key_supported = is_wrapped_key_supported_external();
return android::vold::retrieveAndInstallKey(true, auth, key_path, key_path + "_tmp",
volume_uuid, policy->options.version,
diff --git a/FsCrypt.h b/FsCrypt.h
index 114dd3c..76fee95 100644
--- a/FsCrypt.h
+++ b/FsCrypt.h
@@ -38,7 +38,5 @@
bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
bool fscrypt_destroy_volume_keys(const std::string& volume_uuid);
-bool is_ice_supported_external(int flags);
bool is_wrapped_key_supported();
bool is_metadata_wrapped_key_supported();
-bool is_wrapped_key_supported_external(int flags);
diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp
index dc4ceb8..3c2e0d5 100644
--- a/MetadataCrypt.cpp
+++ b/MetadataCrypt.cpp
@@ -234,17 +234,3 @@
mount_via_fs_mgr(data_rec->mount_point.c_str(), crypto_blkdev.c_str());
return true;
}
-
-int fscrypt_setup_ufscard_volume (const std::string& dm_name, const std::string& real_blkdev,
- const std::string& key, std::string& crypto_blkdev)
-{
- KeyBuffer key_buf = KeyBuffer(key.size());
- memcpy(reinterpret_cast<void*>(key_buf.data()), key.c_str(), key.size());
- uint64_t nr_sec;
- if (!get_number_of_sectors(real_blkdev, &nr_sec)) return -1;
- if (!create_crypto_blk_dev(dm_name, nr_sec, real_blkdev, key_buf, &crypto_blkdev,
- android::base::GetBoolProperty("ro.crypto.set_dun", false)))
- return -1;
-
- return 0;
-}
diff --git a/MetadataCrypt.h b/MetadataCrypt.h
index 2f33c31..cd0f5e5 100644
--- a/MetadataCrypt.h
+++ b/MetadataCrypt.h
@@ -21,7 +21,5 @@
bool fscrypt_mount_metadata_encrypted(const std::string& block_device,
const std::string& mount_point, bool needs_encrypt);
-int fscrypt_setup_ufscard_volume (const std::string& dm_name, const std::string& real_blkdev,
- const std::string& key, std::string& crypto_blkdev);
#endif
diff --git a/VolumeManager.cpp b/VolumeManager.cpp
index caf311d..f1cd232 100644
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@@ -232,9 +232,6 @@
major >= (int)kMajorBlockExperimentalMin &&
major <= (int)kMajorBlockExperimentalMax)) {
flags |= android::vold::Disk::Flags::kSd;
- } else if (eventPath.find("ufs") != std::string::npos) {
- flags |= android::vold::Disk::Flags::kSd;
- flags |= android::vold::Disk::Flags::kUfsCard;
} else {
flags |= android::vold::Disk::Flags::kUsb;
}
diff --git a/model/Disk.cpp b/model/Disk.cpp
index e10e251..b66c336 100644
--- a/model/Disk.cpp
+++ b/model/Disk.cpp
@@ -21,7 +21,6 @@
#include "Utils.h"
#include "VolumeBase.h"
#include "VolumeManager.h"
-#include "KeyStorage.h"
#include <android-base/file.h>
#include <android-base/logging.h>
@@ -43,13 +42,9 @@
#include <sys/types.h>
#include <vector>
-#define MAX_USER_ID 0xFFFFFFFF
-constexpr int FS_AES_256_XTS_KEY_SIZE = 64;
-
using android::base::ReadFileToString;
using android::base::StringPrintf;
using android::base::WriteStringToFile;
-using android::hardware::keymaster::V4_0::KeyFormat;
namespace android {
namespace vold {
@@ -219,25 +214,9 @@
return;
}
- if (is_ice_supported_external(mFlags)) {
- if (is_metadata_wrapped_key_supported()) {
- KeyBuffer ephemeral_wrapped_key;
- KeyBuffer key_buf = KeyBuffer(keyRaw.size());
- memcpy(reinterpret_cast<void*>(key_buf.data()), keyRaw.c_str(),
- keyRaw.size());
- if (!getEphemeralWrappedKey(KeyFormat::RAW, key_buf,
- &ephemeral_wrapped_key)) {
- return;
- }
- keyRaw = std::string(ephemeral_wrapped_key.data(),
- ephemeral_wrapped_key.size());
- }
- }
-
LOG(DEBUG) << "Found key for GUID " << normalizedGuid;
- auto vol = std::shared_ptr<VolumeBase>(new PrivateVolume(device, keyRaw,
- mFlags));
+ auto vol = std::shared_ptr<VolumeBase>(new PrivateVolume(device, keyRaw));
if (mJustPartitioned) {
LOG(DEBUG) << "Device just partitioned; silently formatting";
vol->setSilent(true);
@@ -526,25 +505,9 @@
}
std::string keyRaw;
-
- if (is_ice_supported_external(mFlags)) {
- if (is_metadata_wrapped_key_supported()) {
- KeyBuffer key_buf;
- if (!generateWrappedKey(MAX_USER_ID, android::vold::KeyType::ME,
- &key_buf))
- return -EIO;
- keyRaw = std::string(key_buf.data(), key_buf.size());
- } else {
- if (ReadRandomBytes(FS_AES_256_XTS_KEY_SIZE, keyRaw) != OK) {
- LOG(ERROR) << "Failed to generate key";
- return -EIO;
- }
- }
- } else {
- if (ReadRandomBytes(cryptfs_get_keysize(), keyRaw) != OK) {
- LOG(ERROR) << "Failed to generate key";
- return -EIO;
- }
+ if (ReadRandomBytes(cryptfs_get_keysize(), keyRaw) != OK) {
+ LOG(ERROR) << "Failed to generate key";
+ return -EIO;
}
std::string partGuid;
diff --git a/model/Disk.h b/model/Disk.h
index 13168e5..889e906 100644
--- a/model/Disk.h
+++ b/model/Disk.h
@@ -52,8 +52,6 @@
kUsb = 1 << 3,
/* Flag that disk is EMMC internal */
kEmmc = 1 << 4,
- /* Flag that disk is UFS Card */
- kUfsCard = 1 << 5,
};
const std::string& getId() const { return mId; }
diff --git a/model/PrivateVolume.cpp b/model/PrivateVolume.cpp
index 2e37f47..d50bc6c 100644
--- a/model/PrivateVolume.cpp
+++ b/model/PrivateVolume.cpp
@@ -21,8 +21,6 @@
#include "cryptfs.h"
#include "fs/Ext4.h"
#include "fs/F2fs.h"
-#include "MetadataCrypt.h"
-#include "FsCrypt.h"
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
@@ -41,8 +39,6 @@
#define RETRY_MOUNT_ATTEMPTS 10
#define RETRY_MOUNT_DELAY_SECONDS 1
-constexpr int FS_AES_256_XTS_KEY_SIZE = 64;
-
using android::base::StringPrintf;
namespace android {
@@ -50,9 +46,8 @@
static const unsigned int kMajorBlockMmc = 179;
-PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw, int flags)
- : VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw),
- mDiskFlags(flags) {
+PrivateVolume::PrivateVolume(dev_t device, const std::string& keyRaw)
+ : VolumeBase(Type::kPrivate), mRawDevice(device), mKeyRaw(keyRaw) {
setId(StringPrintf("private:%u,%u", major(device), minor(device)));
mRawDevPath = StringPrintf("/dev/block/vold/%s", getId().c_str());
}
@@ -72,19 +67,10 @@
if (CreateDeviceNode(mRawDevPath, mRawDevice)) {
return -EIO;
}
-
- if (is_ice_supported_external(mDiskFlags)) {
- if (mKeyRaw.size() != FS_AES_256_XTS_KEY_SIZE) {
- PLOG(ERROR) << getId() << " Keysize " << mKeyRaw.size()
- << " does not match AES XTS keysize " << FS_AES_256_XTS_KEY_SIZE;
- return -EIO;
- }
- } else {
- if (mKeyRaw.size() != cryptfs_get_keysize()) {
- PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size()
- << " does not match crypt keysize " << cryptfs_get_keysize();
- return -EIO;
- }
+ if (mKeyRaw.size() != cryptfs_get_keysize()) {
+ PLOG(ERROR) << getId() << " Raw keysize " << mKeyRaw.size()
+ << " does not match crypt keysize " << cryptfs_get_keysize();
+ return -EIO;
}
// Recover from stale vold by tearing down any old mappings
@@ -94,16 +80,8 @@
unsigned char* key = (unsigned char*)mKeyRaw.data();
char crypto_blkdev[MAXPATHLEN];
- int res = 0;
-
- if (is_ice_supported_external(mDiskFlags))
- res = fscrypt_setup_ufscard_volume (getId(), mRawDevPath, mKeyRaw, mDmDevPath);
- else {
- res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(),
- key, crypto_blkdev);
- mDmDevPath = crypto_blkdev;
- }
-
+ int res = cryptfs_setup_ext_volume(getId().c_str(), mRawDevPath.c_str(), key, crypto_blkdev);
+ mDmDevPath = crypto_blkdev;
if (res != 0) {
PLOG(ERROR) << getId() << " failed to setup cryptfs";
return -EIO;
@@ -231,10 +209,7 @@
if (fsType == "auto") {
// For now, assume that all MMC devices are flash-based SD cards, and
// give everyone else ext4 because sysfs rotational isn't reliable.
- if (((major(mRawDevice) == kMajorBlockMmc) ||
- ((mDiskFlags & android::vold::Disk::Flags::kUfsCard) ==
- android::vold::Disk::Flags::kUfsCard)) &&
- f2fs::IsSupported()) {
+ if ((major(mRawDevice) == kMajorBlockMmc) && f2fs::IsSupported()) {
resolvedFsType = "f2fs";
} else {
resolvedFsType = "ext4";
diff --git a/model/PrivateVolume.h b/model/PrivateVolume.h
index f00e8a0..656172f 100644
--- a/model/PrivateVolume.h
+++ b/model/PrivateVolume.h
@@ -37,7 +37,7 @@
*/
class PrivateVolume : public VolumeBase {
public:
- PrivateVolume(dev_t device, const std::string& keyRaw, int flags);
+ PrivateVolume(dev_t device, const std::string& keyRaw);
virtual ~PrivateVolume();
const std::string& getFsType() const { return mFsType; };
const std::string& getRawDevPath() const { return mRawDevPath; };
@@ -66,8 +66,7 @@
/* Encryption key as raw bytes */
std::string mKeyRaw;
- /* Flags associated with corresponding disk */
- int mDiskFlags;
+
/* Filesystem type */
std::string mFsType;
/* Filesystem UUID */