path: root/Keymaster.cpp
Commit message [Author, Age, Files, Lines]
* vold: change to upgrade key if export fails [Smita Ghosh, 2020-01-03, 1, -4/+4]
| Add support to upgrade key when export fails with KEY_REQUIRES_UPGRADE.
| CRs-Fixed: 2365225
| Change-Id: I6b886929bd549920e42624261a63510a4b6a1ceb
* vold: Wrapped key support for FBE [Shivaprasad Hongal, 2020-01-03, 1, -0/+26]
| Changes to key management in vold such that no keys are present in the clear in HLOS. Using keymaster to generate and manage keys.
| CRs-Fixed: 2288316
| Change-Id: Iaf5bf2eb60c60364f495e6d176e19b4848850028
* Explain the rationale for not using StrongBox in vold. [Shawn Willden, 2018-05-17, 1, -5/+3]
| Bug: 77338527
| Test: Comment-only change.
| Change-Id: I9f87e34854eabcc4c183553cf56a033970bb867e
* Do Keymaster HMAC key agreement in vold. [Shawn Willden, 2018-05-09, 1, -0/+6]
| Bug: 79307225
| Test: Boot
| Change-Id: I6682e86076aa568907d94024ef175dbdede86557
* Disable use of StrongBox for encryption [Shawn Willden, 2018-03-30, 1, -2/+10]
| Until VerificationTokens are wired up, StrongBox can't work. Also, this will reduce complications for early StrongBox testing.
| Bug: 77338527
| Test: Boot the device
| Change-Id: I44a1577c388703aeecb2886e7db52084c17e2afd
* Support Keymaster4 [Shawn Willden, 2018-01-25, 1, -73/+76]
| This CL changes vold from using a KM3 device directly to using the KM4 support wrapper from the KM4 support library, which supports both KM3 and KM4 devices (KM0, 1 and 2 devices are still supported as well, because the default KM3 device is a wrapper that uses them). In addition, I found myself getting confused about which "Keymaster" types were locally-defined vold keymaster types and which were from the KM4 HAL and support library, so I changed the approach to referencing the latter, so all of them are qualified with the "km::" namespace reference.
| Test: Build & boot
| Change-Id: I08ed5425641e7496f8597d5716cb3cd0cbd33a7f
* Clang-format Keymaster.{cpp|h} and KeyStorage.{cpp|h} [Shawn Willden, 2018-01-25, 1, -26/+24]
| Test: Build & boot
| Change-Id: I92bb107409f493770028cf6fd637d34af7644262
* Merge "Break vold dependency on keystore utilities." [TreeHugger Robot, 2017-12-21, 1, -3/+4]
|\
| * Break vold dependency on keystore utilities. [Shawn Willden, 2017-11-09, 1, -3/+4]
| | This is temporary. Keystore is in the process of being upgraded to use the new Keymaster 4.0 HAL, and I want to leave vold alone, using Keymaster 3.0 for the moment. This CL just copies relevant bits of keystore support utilities into vold, so it can stop depending on the copies from keystore. After the keystore update is complete, vold will be changed either to use Keymaster 4.0 or -- more likely -- to use keystore rather than talking to Keymaster directly. At that point the files added by this CL will be deleted.
| | Test: Device boots and successfully decrypts /data
| | Change-Id: I73f6d4cc4c5e20d89d7ac37d29d025bf279f9e12
* | Merge "Key upgrading for FDE." [Paul Crowley, 2017-11-27, 1, -49/+66]
|\ \
| |/
|/|
| | am: 997e605563
| | Change-Id: If2ca4a6bd3b7a2b36b6c092975bcfdde8e063a3e
| * Key upgrading for FDE. [Paul Crowley, 2017-11-27, 1, -49/+66]
| | Correctly handle a key upgrade error from keymaster by upgrading the FDE RSA key and writing the new key blob to disk.
| | Bug: 69792304
| | Test: Roll back PLATFORM_SECURITY_PATCH a month, wipe and reboot, roll forwards again, check logs with and without this patch.
| | Change-Id: I220d2dd4e3d791f636e9bc5f063064cecbf1b88a
* | Zero memory used for encryption keys. [Pavel Grafov, 2017-08-10, 1, -14/+11]
|/
| std::vector with custom zeroing allocator is used instead of std::string for data that can contain encryption keys.
| Bug: 64201177
| Test: manually created a managed profile, changed its credentials
| Test: manually upgraded a phone with profile from O to MR1.
| Change-Id: Ic31877049f69eba9f8ea64fd99acaaca5a01d3dd
* Add digest support and implementation name to getHardwareFeatures. [Shawn Willden, 2017-03-23, 1, -1/+3]
| Test: Manual
| Change-Id: I910dea4fab671436fe5eb2ab35a6ffaa86179b35
* Fix missing error handling in keymaster compatibility check [Janis Danisevskis, 2017-03-08, 1, -1/+6]
| The compatibility check assumes that the keymaster session was created successfully which is a faulty assumption. This patch adds proper error handling to the check.
| Bug: 35576166
| Change-Id: I0c70a0e53f488f8bd3164898722f490cd0573ce3
* Merge "Change to use new WaitForProperty API" [TreeHugger Robot, 2017-02-25, 1, -5/+5]
|\
| * Change to use new WaitForProperty API [Wei Wang, 2017-02-24, 1, -5/+5]
| | Change to use WaitForProperty API to wait for vold.post_fs_data_done
| | Also change cryptfs to C++
| | Bug: 35425974
| | Test: mma, marlin/angler boot
| | Change-Id: Id821f2035788fcc91909f296c83c871c67571de3
* | keymaster HAL uses "default" service name [Chris Phoenix, 2017-02-24, 1, -1/+1]
|/
| The getService() and registerAsService() methods of interface objects now have default parameters of "default" for the service name. HALs will not have to use any service name unless they want to register more than one service.
| Test: marlin boots
| Bug: 33844934
| Change-Id: I7c68c8b9ab0101b2f10ca20b9971a5bd34377168
* Port cryptfs to HIDL keymaster HAL [Janis Danisevskis, 2017-02-14, 1, -4/+128]
| Cryptfs uses keymaster for key derivation. Vold has a C++ abstraction for Keymaster. However, cryptfs, being a pure C implementation, uses its own abstraction of the keymaster HAL. This patch expresses cryptfs' keymaster abstraction in terms of vold's C++ Keymaster abstraction, consolidating the code base to a single point where the actual keymaster HAL is being used.
| Test: successfully upgrade bullhead/angler while using FDE and having a PIN set run vold_cryptfs_scrypt_hidlization_equivalence_test
| Bug: 35028230
| Bug: 32020919
| Change-Id: Ic3b765720be0cf7899dda5005fa89347ffb59b9f
* Revert "Port cryptfs to HIDL keymaster HAL" [Alex Klyubin, 2017-02-06, 1, -122/+1]
| bullhead-userdebug with disk encryption enabled and with PIN prompt at boot can no longer unlock/mount encrypted userdata partition at boot after updating from bullhead-userdebug prior to the two commits being reverted here.
| This reverts commit 6b7fa1bf178cd941aabe815d17da38d2e55d9867.
| This reverts commit bbe31ba776fe73da2959c5ab442e191d8371a8f3.
| Test: Flash bullhead-userdebug build created prior to the above two commits, enable disk (set PIN to 1234) with PIN required at boot, reboot, confirm that PIN prompt accepts the PIN, confirm that device fully boots up and appears operational. Flash build with this commit without wiping userdata, confirm that PIN prompt at boot accepts the PIN and device fully boots up and appears operational.
| Bug: 35028230
| Change-Id: I1e9303e9d007c0c9a3021c874340156748dff5f5
* Port cryptfs to HIDL keymaster HAL [Janis Danisevskis, 2017-02-03, 1, -1/+122]
| Cryptfs uses keymaster for key derivation. Vold has a C++ abstraction for Keymaster. However, cryptfs, being a pure C implementation, uses its own abstraction of the keymaster HAL. This patch expresses cryptfs' keymaster abstraction in terms of vold's C++ Keymaster abstraction, consolidating the code base to a single point where the actual keymaster HAL is being used.
| Test: marlin device boots with FBE enabled
| Change-Id: Ia51fed5508e06fd6c436cca193791e57e0ab99ea
* Port to binder based keymaster hal [Janis Danisevskis, 2017-01-17, 1, -190/+108]
| Bug: 32020919
| Change-Id: If45ece76fdaf4d2c80eddc537e429633e4d42f9d
* Support Keymaster 2 configuration and key upgrading [Paul Crowley, 2016-08-15, 1, -30/+49]
| Bug: 27212248
| Change-Id: I96bd9a442f4f535ba6ea44c9e81bcc1fee0ec471
* Fix google-explicit-constructor warnings. [Chih-Hung Hsieh, 2016-04-29, 1, -3/+3]
| Bug: 28341362
| Change-Id: I30adc5ba8e977aa6626d12f0981fa580d1425a4e
* Support Keymaster2 with lots of clever template logic :) [Paul Crowley, 2016-03-17, 1, -17/+119]
| Bug: 27718275
| Change-Id: I0b2aa74f45fd07a121ce0c342b27426a3fe593ce
* Run clang-format over ext4crypt related code [Paul Crowley, 2016-03-09, 1, -38/+26]
| The formatting here is inconsistent with Android house style; use clang-format to bring it back into line.
| Change-Id: Id1fe6ff54e9b668ca88c3fc021ae0a5bdd1327eb
* Use pointers not references for out arguments [Paul Crowley, 2016-03-09, 1, -10/+10]
| Google/Android C++ style requires that arguments passed in for writing should be pointers, not references, so that it's visible in the caller that they'll be written to.
| Bug: 27566014
| Change-Id: I5cd55906cc4b2f61c8b97b223786be0b3ce28862
* Fix memory leak in generate_key wrapper. Other fixes. [Paul Crowley, 2016-03-08, 1, -0/+1]
| - catch errors in looking for the keyring
| - static_assert to prevent a buffer overrun
| - remove obsolete, misleading comment
| - dial down priority of some log messages
| - explain why we ignore some errors
| - idiomatic C++11
| Bug: 27552432
| Change-Id: Ic3ee05b41eae45e7c6b571a459b326a483663526
* Improvements to the key storage module [Paul Crowley, 2016-01-27, 1, -56/+56]
| The key storage module didn't comply with Android coding standards and had room for improvement in a few other ways, so have cleaned up.
| Change-Id: I260ccff316423169cf887e538113b5ea400892f2
* Use a keymaster-based key storage module [Paul Crowley, 2016-01-26, 1, -0/+159]
  Instead of writing raw keys, encrypt the keys with keymaster. This paves the way to protecting them with auth tokens and passwords later. In addition, fold in the hash of a 16k file into their encryption, to ensure secure deletion works properly. Now even C++ier!
  Bug: 22502684
  Bug: 22950892
  Change-Id: If70f139e342373533c42d5a298444b8438428322