base repository: TeamWin/android_system_core
base: android-10.0
head repository: sm6150-dev/android_system_core
compare: android-10.0
  • 1 commit
  • 3 files changed
  • 1 contributor

Commits on Nov 16, 2020

  1. [BACKPORT]fs_mgr: Don't parse encryption options, just keep string

    We now defer parsing encryption options to the fscrypt library. To avoid
    adding a dependency, we simply record the options string in the fstab
    and defer parsing until it's needed.
    
    Bug: 143307095
    Test: cuttlefish still boots
    Change-Id: Ied13ea2f731c63b0524aed11db6983a86dab9fa1
    ciphergoth authored and PIPIPIG233666 committed Nov 16, 2020

    Verified

    This commit was signed with the committer’s verified signature.
    miscco Michael Schellenberger Costa
    84375f4 View commit details
Showing with 11 additions and 137 deletions.
  1. +2 −52 fs_mgr/fs_mgr_fstab.cpp
  2. +1 −2 fs_mgr/include_fstab/fstab/fstab.h
  3. +8 −83 fs_mgr/tests/fs_mgr_test.cpp
54 changes: 2 additions & 52 deletions fs_mgr/fs_mgr_fstab.cpp
@@ -98,58 +98,9 @@ bool ReadDtFile(const std::string& file_name, std::string* dt_value) {
return false;
}

const std::array<const char*, 3> kFileContentsEncryptionMode = {
"aes-256-xts",
"adiantum",
"ice",
};

const std::array<const char*, 3> kFileNamesEncryptionMode = {
"aes-256-cts",
"aes-256-heh",
"adiantum",
};

void ParseFileEncryption(const std::string& arg, FstabEntry* entry) {
// The fileencryption flag is followed by an = and the mode of contents encryption, then
// optionally a and the mode of filenames encryption (defaults to aes-256-cts). Get it and
// return it.
entry->fs_mgr_flags.file_encryption = true;

auto parts = Split(arg, ":");
if (parts.empty() || parts.size() > 2) {
LWARNING << "Warning: fileencryption= flag malformed: " << arg;
return;
}

// Alias for backwards compatibility.
if (parts[0] == "software") {
parts[0] = "aes-256-xts";
}

if (std::find(kFileContentsEncryptionMode.begin(), kFileContentsEncryptionMode.end(),
parts[0]) == kFileContentsEncryptionMode.end()) {
LWARNING << "fileencryption= flag malformed, file contents encryption mode not found: "
<< arg;
return;
}

entry->file_contents_mode = parts[0];

if (parts.size() == 2) {
if (std::find(kFileNamesEncryptionMode.begin(), kFileNamesEncryptionMode.end(), parts[1]) ==
kFileNamesEncryptionMode.end()) {
LWARNING << "fileencryption= flag malformed, file names encryption mode not found: "
<< arg;
return;
}

entry->file_names_mode = parts[1];
} else if (entry->file_contents_mode == "adiantum") {
entry->file_names_mode = "adiantum";
} else {
entry->file_names_mode = "aes-256-cts";
}
entry->encryption_options = arg;
}

bool SetMountFlag(const std::string& flag, FstabEntry* entry) {
@@ -277,8 +228,7 @@ void ParseFsMgrFlags(const std::string& flags, FstabEntry* entry) {
// return it.
entry->fs_mgr_flags.force_fde_or_fbe = true;
entry->key_loc = arg;
entry->file_contents_mode = "aes-256-xts";
entry->file_names_mode = "aes-256-cts";
entry->encryption_options = "aes-256-xts:aes-256-cts";
} else if (StartsWith(flag, "max_comp_streams=")) {
if (!ParseInt(arg, &entry->max_comp_streams)) {
LWARNING << "Warning: max_comp_streams= flag malformed: " << arg;
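Review bot: `ParseFileEncryption` now copies `arg` into `entry->encryption_options` with no check, so a mistyped `fileencryption=` value still sets `file_encryption = true` but no longer triggers the `LWARNING` the old code emitted, and the `software` alias is no longer rewritten at this layer. The commit message defers parsing to the fscrypt library, which is not part of this diff; for this backport it is worth confirming that whatever reads the string rejects malformed values and fails the mount instead of continuing with a default. I would record the contract at the assignment, e.g. `// Stored verbatim and unvalidated; the consumer parses it and must reject bad values.` The literal `"aes-256-xts:aes-256-cts"` in the `forcefdeorfbe` branch of `ParseFsMgrFlags` (whose body starts and ends outside the second hunk) has to stay in step with what that parser accepts, so a short comment saying so would help there too.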
3 changes: 1 addition & 2 deletions fs_mgr/include_fstab/fstab/fstab.h
@@ -46,8 +46,7 @@ struct FstabEntry {
int max_comp_streams = 0;
off64_t zram_size = 0;
off64_t reserved_size = 0;
std::string file_contents_mode;
std::string file_names_mode;
std::string encryption_options;
off64_t erase_blk_size = 0;
off64_t logical_blk_size = 0;
std::string sysfs_path;
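Review bot: The new `encryption_options` member of `FstabEntry` has no comment, and nothing in the header tells a reader that it holds the raw flag text rather than a validated mode. Judging from the values used elsewhere in this commit, a comment such as `// Raw fileencryption= value, e.g. "aes-256-xts:aes-256-cts"; not validated by fs_mgr.` would make that explicit. Dropping `file_contents_mode` and `file_names_mode` from this header also breaks any other reader of those fields at compile time; since this is a backport, callers outside the three files shown here presumably need the matching change. The struct definition starts and ends outside the hunk.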
91 changes: 8 additions & 83 deletions fs_mgr/tests/fs_mgr_test.cpp
@@ -421,8 +421,7 @@ source none2 swap defaults forcefdeorfbe=
EXPECT_EQ(0, entry->max_comp_streams);
EXPECT_EQ(0, entry->zram_size);
EXPECT_EQ(0, entry->reserved_size);
EXPECT_EQ("", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);
EXPECT_EQ("", entry->encryption_options);
EXPECT_EQ(0, entry->erase_blk_size);
EXPECT_EQ(0, entry->logical_blk_size);
EXPECT_EQ("", entry->sysfs_path);
@@ -451,8 +450,7 @@ source none2 swap defaults forcefdeorfbe=
EXPECT_EQ(0, entry->max_comp_streams);
EXPECT_EQ(0, entry->zram_size);
EXPECT_EQ(0, entry->reserved_size);
EXPECT_EQ("", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);
EXPECT_EQ("", entry->encryption_options);
EXPECT_EQ(0, entry->erase_blk_size);
EXPECT_EQ(0, entry->logical_blk_size);
EXPECT_EQ("", entry->sysfs_path);
@@ -461,15 +459,14 @@ source none2 swap defaults forcefdeorfbe=
EXPECT_EQ("", entry->zram_backing_dev_path);
entry++;

// forcefdeorfbe sets file_contents_mode and file_names_mode by default, so test it separately.
// forcefdeorfbe has its own encryption_options defaults, so test it separately.
EXPECT_EQ("none2", entry->mount_point);
{
FstabEntry::FsMgrFlags flags = {};
flags.force_fde_or_fbe = true;
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
}
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
EXPECT_EQ("aes-256-xts:aes-256-cts", entry->encryption_options);
EXPECT_EQ("", entry->key_loc);
}

@@ -706,101 +703,29 @@ source none0 swap defaults forcefdeorfbe=/dir/key
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));

EXPECT_EQ("/dir/key", entry->key_loc);
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);
EXPECT_EQ("aes-256-xts:aes-256-cts", entry->encryption_options);
}

TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_FileEncryption) {
TemporaryFile tf;
ASSERT_TRUE(tf.fd != -1);
std::string fstab_contents = R"fs(
source none0 swap defaults fileencryption=blah
source none1 swap defaults fileencryption=software
source none2 swap defaults fileencryption=aes-256-xts
source none3 swap defaults fileencryption=adiantum
source none4 swap defaults fileencryption=adiantum:aes-256-heh
source none5 swap defaults fileencryption=ice
source none6 swap defaults fileencryption=ice:blah
source none7 swap defaults fileencryption=ice:aes-256-cts
source none8 swap defaults fileencryption=ice:aes-256-heh
source none9 swap defaults fileencryption=ice:adiantum
source none10 swap defaults fileencryption=ice:adiantum:
source none0 swap defaults fileencryption=aes-256-xts:aes-256-cts:v1
)fs";

ASSERT_TRUE(android::base::WriteStringToFile(fstab_contents, tf.path));

Fstab fstab;
EXPECT_TRUE(ReadFstabFromFile(tf.path, &fstab));
ASSERT_EQ(11U, fstab.size());
ASSERT_EQ(1U, fstab.size());

FstabEntry::FsMgrFlags flags = {};
flags.file_encryption = true;

auto entry = fstab.begin();
EXPECT_EQ("none0", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);

entry++;
EXPECT_EQ("none1", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);

entry++;
EXPECT_EQ("none2", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("aes-256-xts", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);

entry++;
EXPECT_EQ("none3", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("adiantum", entry->file_contents_mode);
EXPECT_EQ("adiantum", entry->file_names_mode);

entry++;
EXPECT_EQ("none4", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("adiantum", entry->file_contents_mode);
EXPECT_EQ("aes-256-heh", entry->file_names_mode);

entry++;
EXPECT_EQ("none5", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);

entry++;
EXPECT_EQ("none6", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);

entry++;
EXPECT_EQ("none7", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("aes-256-cts", entry->file_names_mode);

entry++;
EXPECT_EQ("none8", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("aes-256-heh", entry->file_names_mode);

entry++;
EXPECT_EQ("none9", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("ice", entry->file_contents_mode);
EXPECT_EQ("adiantum", entry->file_names_mode);

entry++;
EXPECT_EQ("none10", entry->mount_point);
EXPECT_TRUE(CompareFlags(flags, entry->fs_mgr_flags));
EXPECT_EQ("", entry->file_contents_mode);
EXPECT_EQ("", entry->file_names_mode);
EXPECT_EQ("aes-256-xts:aes-256-cts:v1", entry->encryption_options);
}

TEST(fs_mgr, ReadFstabFromFile_FsMgrOptions_MaxCompStreams) {
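Review bot: The rewritten `ReadFstabFromFile_FsMgrOptions_FileEncryption` test covers a single well-formed value, so the new behaviour for the inputs the old test exercised (`blah`, `ice:blah`, `ice:adiantum:`) is no longer pinned anywhere in this file. Since fs_mgr now passes such strings through untouched, one extra entry would document that on purpose: add `source none1 swap defaults fileencryption=blah` to the fstab, change the size check to `ASSERT_EQ(2U, fstab.size());`, and assert `EXPECT_EQ("blah", entry->encryption_options);` with `file_encryption` still set. That makes it visible to the next reader that rejection of bad modes is expected to happen in the consumer, not here.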