1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "FsCrypt.h"
18
19 #include "Checkpoint.h"
20 #include "KeyStorage.h"
21 #include "KeyUtil.h"
22 #include "Utils.h"
23 #include "VoldUtil.h"
24
25 #include <algorithm>
26 #include <map>
27 #include <optional>
28 #include <set>
29 #include <sstream>
30 #include <string>
31 #include <vector>
32
33 #include <dirent.h>
34 #include <errno.h>
35 #include <fcntl.h>
36 #include <limits.h>
37 #include <sys/mount.h>
38 #include <sys/stat.h>
39 #include <sys/types.h>
40 #include <sys/utsname.h>
41 #include <unistd.h>
42
43 #include <private/android_filesystem_config.h>
44 #include <private/android_projectid_config.h>
45
46 #include "android/os/IVold.h"
47
48 #include <cutils/fs.h>
49 #include <cutils/properties.h>
50
51 #include <fscrypt/fscrypt.h>
52 #include <libdm/dm.h>
53
54 #include <android-base/file.h>
55 #include <android-base/logging.h>
56 #include <android-base/properties.h>
57 #include <android-base/stringprintf.h>
58 #include <android-base/strings.h>
59 #include <android-base/unique_fd.h>
60
61 using android::base::Basename;
62 using android::base::Realpath;
63 using android::base::StartsWith;
64 using android::base::StringPrintf;
65 using android::fs_mgr::GetEntryForMountPoint;
66 using android::vold::BuildDataPath;
67 using android::vold::IsDotOrDotDot;
68 using android::vold::IsFilesystemSupported;
69 using android::vold::kEmptyAuthentication;
70 using android::vold::KeyBuffer;
71 using android::vold::KeyGeneration;
72 using android::vold::retrieveKey;
73 using android::vold::retrieveOrGenerateKey;
74 using android::vold::SetDefaultAcl;
75 using android::vold::SetQuotaInherit;
76 using android::vold::SetQuotaProjectId;
77 using namespace android::fscrypt;
78 using namespace android::dm;
79
80 namespace {
81
82 const std::string device_key_dir = std::string() + DATA_MNT_POINT + fscrypt_unencrypted_folder;
83 const std::string device_key_path = device_key_dir + "/key";
84 const std::string device_key_temp = device_key_dir + "/temp";
85
86 const std::string user_key_dir = std::string() + DATA_MNT_POINT + "/misc/vold/user_keys";
87 const std::string user_key_temp = user_key_dir + "/temp";
88 const std::string prepare_subdirs_path = "/system/bin/vold_prepare_subdirs";
89
90 const std::string systemwide_volume_key_dir =
91 std::string() + DATA_MNT_POINT + "/misc/vold/volume_keys";
92
93 const std::string data_data_dir = std::string() + DATA_MNT_POINT + "/data";
94 const std::string data_user_0_dir = std::string() + DATA_MNT_POINT + "/user/0";
95 const std::string media_obb_dir = std::string() + DATA_MNT_POINT + "/media/obb";
96
97 // The file encryption options to use on the /data filesystem
98 EncryptionOptions s_data_options;
99
100 // Some users are ephemeral; don't try to store or wipe their keys on disk.
101 std::set<userid_t> s_ephemeral_users;
102
103 // New CE keys that haven't been committed to disk yet
104 std::map<userid_t, KeyBuffer> s_new_ce_keys;
105
106 // CE key fixation operations that have been deferred to checkpoint commit
107 std::map<std::string, std::string> s_deferred_fixations;
108
109 // The system DE encryption policy
110 EncryptionPolicy s_device_policy;
111
112 // Struct that holds the EncryptionPolicy for each CE or DE key that is currently installed
113 // (added to the kernel) for a particular user
114 struct UserPolicies {
115 // Internal storage policy. Exists whenever a user's UserPolicies exists at all, and used
116 // instead of a map entry keyed by an empty UUID to make this invariant explicit.
117 EncryptionPolicy internal;
118 // Adoptable storage policies, indexed by (nonempty) volume UUID
119 std::map<std::string, EncryptionPolicy> adoptable;
120 };
121
122 // The currently installed CE and DE keys for each user. Protected by VolumeManager::mCryptLock.
123 std::map<userid_t, UserPolicies> s_ce_policies;
124 std::map<userid_t, UserPolicies> s_de_policies;
125
126 } // namespace
127
128 // Returns KeyGeneration suitable for key as described in EncryptionOptions
makeGen(const EncryptionOptions & options)129 static KeyGeneration makeGen(const EncryptionOptions& options) {
130 if (options.version == 0) {
131 LOG(ERROR) << "EncryptionOptions not initialized";
132 return android::vold::neverGen();
133 }
134 return KeyGeneration{FSCRYPT_MAX_KEY_SIZE, true, options.use_hw_wrapped_key};
135 }
136
escape_empty(const std::string & value)137 static const char* escape_empty(const std::string& value) {
138 return value.empty() ? "null" : value.c_str();
139 }
140
get_de_key_path(userid_t user_id)141 static std::string get_de_key_path(userid_t user_id) {
142 return StringPrintf("%s/de/%d", user_key_dir.c_str(), user_id);
143 }
144
get_ce_key_directory_path(userid_t user_id)145 static std::string get_ce_key_directory_path(userid_t user_id) {
146 return StringPrintf("%s/ce/%d", user_key_dir.c_str(), user_id);
147 }
148
149 // Returns the keys newest first
get_ce_key_paths(const std::string & directory_path)150 static std::vector<std::string> get_ce_key_paths(const std::string& directory_path) {
151 auto dirp = std::unique_ptr<DIR, int (*)(DIR*)>(opendir(directory_path.c_str()), closedir);
152 if (!dirp) {
153 PLOG(ERROR) << "Unable to open ce key directory: " + directory_path;
154 return std::vector<std::string>();
155 }
156 std::vector<std::string> result;
157 for (;;) {
158 errno = 0;
159 auto const entry = readdir(dirp.get());
160 if (!entry) {
161 if (errno) {
162 PLOG(ERROR) << "Unable to read ce key directory: " + directory_path;
163 return std::vector<std::string>();
164 }
165 break;
166 }
167 if (IsDotOrDotDot(*entry)) continue;
168 if (entry->d_type != DT_DIR || entry->d_name[0] != 'c') {
169 LOG(DEBUG) << "Skipping non-key " << entry->d_name;
170 continue;
171 }
172 result.emplace_back(directory_path + "/" + entry->d_name);
173 }
174 std::sort(result.begin(), result.end());
175 std::reverse(result.begin(), result.end());
176 return result;
177 }
178
get_ce_key_current_path(const std::string & directory_path)179 static std::string get_ce_key_current_path(const std::string& directory_path) {
180 return directory_path + "/current";
181 }
182
get_ce_key_new_path(const std::string & directory_path,const std::vector<std::string> & paths,std::string * ce_key_path)183 static bool get_ce_key_new_path(const std::string& directory_path,
184 const std::vector<std::string>& paths, std::string* ce_key_path) {
185 if (paths.empty()) {
186 *ce_key_path = get_ce_key_current_path(directory_path);
187 return true;
188 }
189 for (unsigned int i = 0; i < UINT_MAX; i++) {
190 auto const candidate = StringPrintf("%s/cx%010u", directory_path.c_str(), i);
191 if (paths[0] < candidate) {
192 *ce_key_path = candidate;
193 return true;
194 }
195 }
196 return false;
197 }
198
199 // Discard all keys but the named one; rename it to canonical name.
fixate_user_ce_key(const std::string & directory_path,const std::string & to_fix,const std::vector<std::string> & paths)200 static bool fixate_user_ce_key(const std::string& directory_path, const std::string& to_fix,
201 const std::vector<std::string>& paths) {
202 bool need_sync = false;
203 for (auto const other_path : paths) {
204 if (other_path != to_fix) {
205 android::vold::destroyKey(other_path);
206 need_sync = true;
207 }
208 }
209 auto const current_path = get_ce_key_current_path(directory_path);
210 if (to_fix != current_path) {
211 LOG(DEBUG) << "Renaming " << to_fix << " to " << current_path;
212 if (!android::vold::RenameKeyDir(to_fix, current_path)) return false;
213 need_sync = true;
214 }
215 if (need_sync && !android::vold::FsyncDirectory(directory_path)) return false;
216 return true;
217 }
218
read_and_fixate_user_ce_key(userid_t user_id,const android::vold::KeyAuthentication & auth,KeyBuffer * ce_key)219 static bool read_and_fixate_user_ce_key(userid_t user_id,
220 const android::vold::KeyAuthentication& auth,
221 KeyBuffer* ce_key) {
222 auto const directory_path = get_ce_key_directory_path(user_id);
223 auto const paths = get_ce_key_paths(directory_path);
224 for (auto const ce_key_path : paths) {
225 LOG(DEBUG) << "Trying user CE key " << ce_key_path;
226 if (retrieveKey(ce_key_path, auth, ce_key)) {
227 LOG(DEBUG) << "Successfully retrieved key";
228 s_deferred_fixations.erase(directory_path);
229 fixate_user_ce_key(directory_path, ce_key_path, paths);
230 return true;
231 }
232 }
233 LOG(ERROR) << "Failed to find working ce key for user " << user_id;
234 return false;
235 }
236
237 // Checks whether the kernel definitely supports the sysfs files that describe the storage
238 // hardware's inline encryption capabilities. They are supported in upstream 5.18 and later, and in
239 // android14-5.15 and later (but not android13-5.15). For simplicity we just check for 5.18.
DoesKernelSupportBlkCryptoSysfsFiles()240 static bool DoesKernelSupportBlkCryptoSysfsFiles() {
241 struct utsname uts;
242 unsigned int major = 0, minor = 0;
243 if (uname(&uts) != 0 || sscanf(uts.release, "%u.%u", &major, &minor) != 2) {
244 return true; // This should never happen; assume new rather than old.
245 }
246 return major > 5 || (major == 5 && minor >= 18);
247 }
248
249 // Checks whether the storage hardware might support only 32-bit data unit numbers.
DoesHardwareSupportOnly32DunBits(const std::string & blk_device)250 static bool DoesHardwareSupportOnly32DunBits(const std::string& blk_device) {
251 // Handle symlinks.
252 std::string real_path;
253 if (!Realpath(blk_device, &real_path)) {
254 real_path = blk_device;
255 }
256
257 // Handle logical volumes.
258 auto& dm = DeviceMapper::Instance();
259 for (;;) {
260 auto parent = dm.GetParentBlockDeviceByPath(real_path);
261 if (!parent.has_value()) break;
262 real_path = *parent;
263 }
264
265 // Now we should have the "real" block device.
266 std::string name = Basename(real_path);
267
268 // If possible, do the check precisely via sysfs.
269 // Exclude older devices, just in case they are broken by doing the check correctly...
270 if (GetFirstApiLevel() >= __ANDROID_API_V__) {
271 std::string sysfs_path = "/sys/class/block/" + name + "/queue/crypto/max_dun_bits";
272 if (!android::vold::pathExists(sysfs_path)) {
273 // For a partition, "queue" is in the parent directory which represents the disk.
274 sysfs_path = "/sys/class/block/" + name + "/../queue/crypto/max_dun_bits";
275 }
276 if (android::vold::pathExists(sysfs_path)) {
277 std::string max_dun_bits;
278 if (!android::base::ReadFileToString(sysfs_path, &max_dun_bits)) {
279 PLOG(ERROR) << "Error reading " << sysfs_path;
280 return false;
281 }
282 max_dun_bits = android::base::Trim(max_dun_bits);
283 if (max_dun_bits != "32") {
284 LOG(ERROR) << sysfs_path << " = " << max_dun_bits;
285 // In this case, using emmc_optimized is not appropriate because the hardware
286 // supports inline encryption but does not have the 32-bit DUN limit.
287 return false;
288 }
289 LOG(DEBUG) << sysfs_path << " = " << max_dun_bits;
290 return true;
291 }
292 if (DoesKernelSupportBlkCryptoSysfsFiles()) {
293 // In this case, using emmc_optimized is not appropriate because the hardware does not
294 // support inline encryption.
295 LOG(ERROR) << sysfs_path << " does not exist";
296 return false;
297 }
298 // In this case, the kernel might be too old to support the sysfs files.
299 }
300
301 // Fallback method for older kernels that don't have the crypto capabilities in sysfs. The
302 // 32-bit DUN limit is only known to exist on eMMC storage, and also on virtio storage that
303 // inherits the limit from eMMC on the host. So allow either of those storage types. Note that
304 // this can be overly lenient compared to actually checking max_dun_bits.
305 if (StartsWith(name, "mmcblk") || StartsWith(name, "vd")) {
306 LOG(DEBUG) << __func__ << "(): << blk_device = " << blk_device
307 << ", real_path = " << real_path;
308 return true;
309 }
310 // Log at ERROR level here so that it shows up in the kernel log.
311 LOG(ERROR) << __func__ << "(): << blk_device = " << blk_device << ", real_path = " << real_path;
312 return false;
313 }
314
315 // Sets s_data_options to the file encryption options for the /data filesystem.
init_data_file_encryption_options()316 static bool init_data_file_encryption_options() {
317 auto entry = GetEntryForMountPoint(&fstab_default, DATA_MNT_POINT);
318 if (entry == nullptr) {
319 LOG(ERROR) << "No mount point entry for " << DATA_MNT_POINT;
320 return false;
321 }
322 if (!ParseOptions(entry->encryption_options, &s_data_options)) {
323 LOG(ERROR) << "Unable to parse encryption options for " << DATA_MNT_POINT ": "
324 << entry->encryption_options;
325 return false;
326 }
327 if ((s_data_options.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) &&
328 !DoesHardwareSupportOnly32DunBits(entry->blk_device)) {
329 // This would unnecessarily reduce security and not be compliant with the CDD.
330 LOG(ERROR) << "The emmc_optimized encryption flag is only allowed on hardware limited to "
331 "32-bit DUNs. Remove this flag from the device's fstab";
332 return false;
333 }
334 return true;
335 }
336
install_storage_key(const std::string & mountpoint,const EncryptionOptions & options,const KeyBuffer & key,EncryptionPolicy * policy)337 static bool install_storage_key(const std::string& mountpoint, const EncryptionOptions& options,
338 const KeyBuffer& key, EncryptionPolicy* policy) {
339 if (options.version == 0) {
340 LOG(ERROR) << "EncryptionOptions not initialized";
341 return false;
342 }
343 KeyBuffer ephemeral_wrapped_key;
344 if (options.use_hw_wrapped_key) {
345 if (!exportWrappedStorageKey(key, &ephemeral_wrapped_key)) {
346 LOG(ERROR) << "Failed to get ephemeral wrapped key";
347 return false;
348 }
349 }
350 return installKey(mountpoint, options, options.use_hw_wrapped_key ? ephemeral_wrapped_key : key,
351 policy);
352 }
353
354 // Retrieve the options to use for encryption policies on adoptable storage.
get_volume_file_encryption_options(EncryptionOptions * options)355 static bool get_volume_file_encryption_options(EncryptionOptions* options) {
356 // If we give the empty string, libfscrypt will use the default (currently XTS)
357 auto contents_mode = android::base::GetProperty("ro.crypto.volume.contents_mode", "");
358 // HEH as default was always a mistake. Use the libfscrypt default (CTS)
359 // for devices launching on versions above Android 10.
360 auto first_api_level = GetFirstApiLevel();
361 auto filenames_mode =
362 android::base::GetProperty("ro.crypto.volume.filenames_mode",
363 first_api_level > __ANDROID_API_Q__ ? "" : "aes-256-heh");
364 auto options_string = android::base::GetProperty("ro.crypto.volume.options",
365 contents_mode + ":" + filenames_mode);
366 if (!ParseOptionsForApiLevel(first_api_level, options_string, options)) {
367 LOG(ERROR) << "Unable to parse volume encryption options: " << options_string;
368 return false;
369 }
370 if (options->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32) {
371 LOG(ERROR) << "The emmc_optimized encryption flag is only allowed on eMMC storage. Remove "
372 "this flag from ro.crypto.volume.options";
373 return false;
374 }
375 return true;
376 }
377
378 // Prepare a directory without assigning it an encryption policy. The directory
379 // will inherit the encryption policy of its parent directory, or will be
380 // unencrypted if the parent directory is unencrypted.
prepare_dir(const std::string & dir,mode_t mode,uid_t uid,gid_t gid)381 static bool prepare_dir(const std::string& dir, mode_t mode, uid_t uid, gid_t gid) {
382 LOG(DEBUG) << "Preparing: " << dir;
383 if (android::vold::PrepareDir(dir, mode, uid, gid, 0) != 0) {
384 PLOG(ERROR) << "Failed to prepare " << dir;
385 return false;
386 }
387 return true;
388 }
389
390 // Prepare a directory and assign it the given encryption policy.
prepare_dir_with_policy(const std::string & dir,mode_t mode,uid_t uid,gid_t gid,const EncryptionPolicy & policy)391 static bool prepare_dir_with_policy(const std::string& dir, mode_t mode, uid_t uid, gid_t gid,
392 const EncryptionPolicy& policy) {
393 if (android::vold::pathExists(dir)) {
394 if (!prepare_dir(dir, mode, uid, gid)) return false;
395 if (IsFbeEnabled() && !EnsurePolicy(policy, dir)) return false;
396 } else {
397 // If the directory does not yet exist, then create it under a temporary name, and only move
398 // it to the final name after it is fully prepared with an encryption policy and the desired
399 // file permissions. This prevents the directory from being accessed before it is ready.
400 //
401 // Note: this relies on the SELinux file_contexts assigning the same type to the file path
402 // with the ".new" suffix as to the file path without the ".new" suffix.
403
404 const std::string tmp_dir = dir + ".new";
405 if (android::vold::pathExists(tmp_dir)) {
406 android::vold::DeleteDirContentsAndDir(tmp_dir);
407 }
408 if (!prepare_dir(tmp_dir, mode, uid, gid)) return false;
409 if (IsFbeEnabled() && !EnsurePolicy(policy, tmp_dir)) return false;
410
411 // On some buggy kernels, renaming a directory that is both encrypted and case-insensitive
412 // fails in some specific circumstances. Unfortunately, these circumstances happen here
413 // when processing the "media" directory. This was already fixed by kernel commit
414 // https://git.kernel.org/linus/b5639bb4313b9d45 ('f2fs: don't use casefolded comparison for
415 // "." and ".."'). But to support kernels that lack that fix, we use the below workaround.
416 // It bypasses the bug by making the encryption key of tmp_dir be loaded before the rename.
417 android::vold::pathExists(tmp_dir + "/subdir");
418
419 if (rename(tmp_dir.c_str(), dir.c_str()) != 0) {
420 PLOG(ERROR) << "Failed to rename " << tmp_dir << " to " << dir;
421 return false;
422 }
423 }
424 return true;
425 }
426
destroy_dir(const std::string & dir)427 static bool destroy_dir(const std::string& dir) {
428 LOG(DEBUG) << "Destroying: " << dir;
429 if (rmdir(dir.c_str()) != 0 && errno != ENOENT) {
430 PLOG(ERROR) << "Failed to destroy " << dir;
431 return false;
432 }
433 return true;
434 }
435
436 // Checks whether the DE key directory exists for the given user.
de_key_exists(userid_t user_id)437 static bool de_key_exists(userid_t user_id) {
438 return android::vold::pathExists(get_de_key_path(user_id));
439 }
440
441 // Checks whether at least one CE key subdirectory exists for the given user.
ce_key_exists(userid_t user_id)442 static bool ce_key_exists(userid_t user_id) {
443 auto directory_path = get_ce_key_directory_path(user_id);
444 // The common case is that "$dir/current" exists, so check for that first.
445 if (android::vold::pathExists(get_ce_key_current_path(directory_path))) return true;
446
447 // Else, there could still be another subdirectory of $dir (if a crash
448 // occurred during fixate_user_ce_key()), so check for one.
449 return android::vold::pathExists(directory_path) && !get_ce_key_paths(directory_path).empty();
450 }
451
create_de_key(userid_t user_id,bool ephemeral)452 static bool create_de_key(userid_t user_id, bool ephemeral) {
453 KeyBuffer de_key;
454 if (!generateStorageKey(makeGen(s_data_options), &de_key)) return false;
455 if (!ephemeral && !android::vold::storeKeyAtomically(get_de_key_path(user_id), user_key_temp,
456 kEmptyAuthentication, de_key))
457 return false;
458 EncryptionPolicy de_policy;
459 if (!install_storage_key(DATA_MNT_POINT, s_data_options, de_key, &de_policy)) return false;
460 s_de_policies[user_id].internal = de_policy;
461 LOG(INFO) << "Created DE key for user " << user_id;
462 return true;
463 }
464
create_ce_key(userid_t user_id,bool ephemeral)465 static bool create_ce_key(userid_t user_id, bool ephemeral) {
466 KeyBuffer ce_key;
467 if (!generateStorageKey(makeGen(s_data_options), &ce_key)) return false;
468 if (!ephemeral) {
469 if (!prepare_dir(get_ce_key_directory_path(user_id), 0700, AID_ROOT, AID_ROOT))
470 return false;
471 // We don't store the CE key on disk here, since here we don't have the
472 // secret needed to do so securely. Instead, we cache it in memory for
473 // now, and we store it later in fscrypt_set_ce_key_protection().
474 s_new_ce_keys.insert({user_id, ce_key});
475 }
476 EncryptionPolicy ce_policy;
477 if (!install_storage_key(DATA_MNT_POINT, s_data_options, ce_key, &ce_policy)) return false;
478 s_ce_policies[user_id].internal = ce_policy;
479 LOG(INFO) << "Created CE key for user " << user_id;
480 return true;
481 }
482
is_numeric(const char * name)483 static bool is_numeric(const char* name) {
484 for (const char* p = name; *p != '\0'; p++) {
485 if (!isdigit(*p)) return false;
486 }
487 return true;
488 }
489
load_all_de_keys()490 static bool load_all_de_keys() {
491 auto de_dir = user_key_dir + "/de";
492 auto dirp = std::unique_ptr<DIR, int (*)(DIR*)>(opendir(de_dir.c_str()), closedir);
493 if (!dirp) {
494 PLOG(ERROR) << "Unable to read de key directory";
495 return false;
496 }
497 for (;;) {
498 errno = 0;
499 auto entry = readdir(dirp.get());
500 if (!entry) {
501 if (errno) {
502 PLOG(ERROR) << "Unable to read de key directory";
503 return false;
504 }
505 break;
506 }
507 if (IsDotOrDotDot(*entry)) continue;
508 if (entry->d_type != DT_DIR || !is_numeric(entry->d_name)) {
509 LOG(DEBUG) << "Skipping non-de-key " << entry->d_name;
510 continue;
511 }
512 userid_t user_id = std::stoi(entry->d_name);
513 auto key_path = de_dir + "/" + entry->d_name;
514 KeyBuffer de_key;
515 if (!retrieveKey(key_path, kEmptyAuthentication, &de_key)) {
516 // This is probably a partially removed user, so ignore
517 if (user_id != 0) continue;
518 return false;
519 }
520 EncryptionPolicy de_policy;
521 if (!install_storage_key(DATA_MNT_POINT, s_data_options, de_key, &de_policy)) return false;
522 const auto& [existing, is_new] = s_de_policies.insert({user_id, {de_policy, {}}});
523 if (!is_new && existing->second.internal != de_policy) {
524 LOG(ERROR) << "DE policy for user" << user_id << " changed";
525 return false;
526 }
527 LOG(DEBUG) << "Installed de key for user " << user_id;
528 }
529 // fscrypt:TODO: go through all DE directories, ensure that all user dirs have the
530 // correct policy set on them, and that no rogue ones exist.
531 return true;
532 }
533
fscrypt_initialize_systemwide_keys()534 bool fscrypt_initialize_systemwide_keys() {
535 LOG(INFO) << "fscrypt_initialize_systemwide_keys";
536
537 if (!init_data_file_encryption_options()) return false;
538
539 KeyBuffer device_key;
540 if (!retrieveOrGenerateKey(device_key_path, device_key_temp, kEmptyAuthentication,
541 makeGen(s_data_options), &device_key))
542 return false;
543
544 // This initializes s_device_policy, which is a global variable so that
545 // fscrypt_init_user0() can access it later.
546 if (!install_storage_key(DATA_MNT_POINT, s_data_options, device_key, &s_device_policy))
547 return false;
548
549 std::string options_string;
550 if (!OptionsToString(s_device_policy.options, &options_string)) {
551 LOG(ERROR) << "Unable to serialize options";
552 return false;
553 }
554 std::string options_filename = std::string(DATA_MNT_POINT) + fscrypt_key_mode;
555 if (!android::vold::writeStringToFile(options_string, options_filename)) return false;
556
557 std::string ref_filename = std::string(DATA_MNT_POINT) + fscrypt_key_ref;
558 if (!android::vold::writeStringToFile(s_device_policy.key_raw_ref, ref_filename)) return false;
559 LOG(INFO) << "Wrote system DE key reference to:" << ref_filename;
560
561 KeyBuffer per_boot_key;
562 if (!generateStorageKey(makeGen(s_data_options), &per_boot_key)) return false;
563 EncryptionPolicy per_boot_policy;
564 if (!install_storage_key(DATA_MNT_POINT, s_data_options, per_boot_key, &per_boot_policy))
565 return false;
566 std::string per_boot_ref_filename = std::string("/data") + fscrypt_key_per_boot_ref;
567 if (!android::vold::writeStringToFile(per_boot_policy.key_raw_ref, per_boot_ref_filename))
568 return false;
569 LOG(INFO) << "Wrote per boot key reference to:" << per_boot_ref_filename;
570
571 return true;
572 }
573
prepare_special_dirs()574 static bool prepare_special_dirs() {
575 // Ensure that /data/data and its "alias" /data/user/0 exist, and create the
576 // bind mount of /data/data onto /data/user/0. This *should* happen in
577 // fscrypt_prepare_user_storage(). However, it actually must be done early,
578 // before the rest of user 0's CE storage is prepared. This is because
579 // zygote may need to set up app data isolation before then, which requires
580 // mounting a tmpfs over /data/data to ensure it remains hidden. This issue
581 // arises due to /data/data being in the top-level directory.
582
583 // /data/user/0 used to be a symlink to /data/data, so we must first delete
584 // the old symlink if present.
585 if (android::vold::IsSymlink(data_user_0_dir) && android::vold::Unlink(data_user_0_dir) != 0)
586 return false;
587 // On first boot, we'll be creating /data/data for the first time, and user
588 // 0's CE key will be installed already since it was just created. Take the
589 // opportunity to also set the encryption policy of /data/data right away.
590 if (s_ce_policies.count(0) != 0) {
591 const EncryptionPolicy& ce_policy = s_ce_policies[0].internal;
592 if (!prepare_dir_with_policy(data_data_dir, 0771, AID_SYSTEM, AID_SYSTEM, ce_policy)) {
593 // Preparing /data/data failed, yet we had just generated a new CE
594 // key because one wasn't stored. Before erroring out, try deleting
595 // the directory and retrying, as it's possible that the directory
596 // exists with different CE policy from an interrupted first boot.
597 if (rmdir(data_data_dir.c_str()) != 0) {
598 PLOG(ERROR) << "rmdir " << data_data_dir << " failed";
599 }
600 if (!prepare_dir_with_policy(data_data_dir, 0771, AID_SYSTEM, AID_SYSTEM, ce_policy))
601 return false;
602 }
603 } else {
604 if (!prepare_dir(data_data_dir, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
605 // EnsurePolicy() will have to happen later, in fscrypt_prepare_user_storage().
606 }
607 if (!prepare_dir(data_user_0_dir, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
608 if (android::vold::BindMount(data_data_dir, data_user_0_dir) != 0) return false;
609
610 // If /data/media/obb doesn't exist, create it and encrypt it with the
611 // device policy. Normally, device-policy-encrypted directories are created
612 // and encrypted by init; /data/media/obb is special because it is located
613 // in /data/media. Since /data/media also contains per-user encrypted
614 // directories, by design only vold can write to it. As a side effect of
615 // that, vold must create /data/media/obb.
616 //
617 // We must tolerate /data/media/obb being unencrypted if it already exists
618 // on-disk, since it used to be unencrypted (b/64566063).
619 if (android::vold::pathExists(media_obb_dir)) {
620 if (!prepare_dir(media_obb_dir, 0770, AID_MEDIA_RW, AID_MEDIA_RW)) return false;
621 } else {
622 if (!prepare_dir_with_policy(media_obb_dir, 0770, AID_MEDIA_RW, AID_MEDIA_RW,
623 s_device_policy))
624 return false;
625 }
626 return true;
627 }
628
629 bool fscrypt_init_user0_done;
630
fscrypt_init_user0()631 bool fscrypt_init_user0() {
632 LOG(DEBUG) << "fscrypt_init_user0";
633
634 if (IsFbeEnabled()) {
635 if (!prepare_dir(user_key_dir, 0700, AID_ROOT, AID_ROOT)) return false;
636 if (!prepare_dir(user_key_dir + "/ce", 0700, AID_ROOT, AID_ROOT)) return false;
637 if (!prepare_dir(user_key_dir + "/de", 0700, AID_ROOT, AID_ROOT)) return false;
638
639 // Create user 0's DE and CE keys if they don't already exist. Check
640 // each key independently, since if the first boot was interrupted it is
641 // possible that the DE key exists but the CE key does not.
642 if (!de_key_exists(0) && !create_de_key(0, false)) return false;
643 if (!ce_key_exists(0) && !create_ce_key(0, false)) return false;
644
645 // TODO: switch to loading only DE_0 here once framework makes
646 // explicit calls to install DE keys for secondary users
647 if (!load_all_de_keys()) return false;
648 }
649
650 // Now that user 0's CE key has been created, we can prepare /data/data.
651 if (!prepare_special_dirs()) return false;
652
653 // With the exception of what is done by prepare_special_dirs() above, we
654 // only prepare DE storage here, since user 0's CE key won't be installed
655 // yet unless it was just created. The framework will prepare the user's CE
656 // storage later, once their CE key is installed.
657 if (!fscrypt_prepare_user_storage("", 0, android::os::IVold::STORAGE_FLAG_DE)) {
658 LOG(ERROR) << "Failed to prepare user 0 storage";
659 return false;
660 }
661
662 fscrypt_init_user0_done = true;
663 return true;
664 }
665
666 // Creates the CE and DE keys for a new user.
fscrypt_create_user_keys(userid_t user_id,bool ephemeral)667 bool fscrypt_create_user_keys(userid_t user_id, bool ephemeral) {
668 LOG(DEBUG) << "fscrypt_create_user_keys for " << user_id;
669 if (!IsFbeEnabled()) {
670 return true;
671 }
672 // FIXME test for existence of key that is not loaded yet
673 if (s_ce_policies.count(user_id) != 0) {
674 LOG(ERROR) << "Already exists, can't create keys for " << user_id;
675 // FIXME should we fail the command?
676 return true;
677 }
678 if (!create_de_key(user_id, ephemeral)) return false;
679 if (!create_ce_key(user_id, ephemeral)) return false;
680 if (ephemeral) s_ephemeral_users.insert(user_id);
681 return true;
682 }
683
684 // Evicts all the user's keys of one type from all volumes (internal and adoptable).
685 // This evicts either CE keys or DE keys, depending on which map is passed.
evict_user_keys(std::map<userid_t,UserPolicies> & policy_map,userid_t user_id)686 static bool evict_user_keys(std::map<userid_t, UserPolicies>& policy_map, userid_t user_id) {
687 bool success = true;
688 auto it = policy_map.find(user_id);
689 if (it != policy_map.end()) {
690 const UserPolicies& policies = it->second;
691 success &= android::vold::evictKey(BuildDataPath(""), policies.internal);
692 for (const auto& [volume_uuid, policy] : policies.adoptable) {
693 success &= android::vold::evictKey(BuildDataPath(volume_uuid), policy);
694 }
695 policy_map.erase(it);
696 }
697 return success;
698 }
699
700 // Evicts and destroys all CE and DE keys for a user. This is called when the user is removed.
fscrypt_destroy_user_keys(userid_t user_id)701 bool fscrypt_destroy_user_keys(userid_t user_id) {
702 LOG(DEBUG) << "fscrypt_destroy_user_keys(" << user_id << ")";
703 if (!IsFbeEnabled()) {
704 return true;
705 }
706 bool success = true;
707
708 success &= evict_user_keys(s_ce_policies, user_id);
709 success &= evict_user_keys(s_de_policies, user_id);
710
711 if (!s_ephemeral_users.erase(user_id)) {
712 auto ce_path = get_ce_key_directory_path(user_id);
713 if (!s_new_ce_keys.erase(user_id)) {
714 for (auto const path : get_ce_key_paths(ce_path)) {
715 success &= android::vold::destroyKey(path);
716 }
717 }
718 s_deferred_fixations.erase(ce_path);
719 success &= destroy_dir(ce_path);
720
721 auto de_key_path = get_de_key_path(user_id);
722 if (android::vold::pathExists(de_key_path)) {
723 success &= android::vold::destroyKey(de_key_path);
724 } else {
725 LOG(INFO) << "Not present so not erasing: " << de_key_path;
726 }
727 }
728 return success;
729 }
730
authentication_from_secret(const std::vector<uint8_t> & secret)731 static android::vold::KeyAuthentication authentication_from_secret(
732 const std::vector<uint8_t>& secret) {
733 std::string secret_str(secret.begin(), secret.end());
734 if (secret_str.empty()) {
735 return kEmptyAuthentication;
736 } else {
737 return android::vold::KeyAuthentication(secret_str);
738 }
739 }
740
volkey_path(const std::string & misc_path,const std::string & volume_uuid)741 static std::string volkey_path(const std::string& misc_path, const std::string& volume_uuid) {
742 return misc_path + "/vold/volume_keys/" + volume_uuid + "/default";
743 }
744
volume_secdiscardable_path(const std::string & volume_uuid)745 static std::string volume_secdiscardable_path(const std::string& volume_uuid) {
746 return systemwide_volume_key_dir + "/" + volume_uuid + "/secdiscardable";
747 }
748
read_or_create_volkey(const std::string & misc_path,const std::string & volume_uuid,UserPolicies & user_policies,EncryptionPolicy * policy)749 static bool read_or_create_volkey(const std::string& misc_path, const std::string& volume_uuid,
750 UserPolicies& user_policies, EncryptionPolicy* policy) {
751 auto secdiscardable_path = volume_secdiscardable_path(volume_uuid);
752 std::string secdiscardable_hash;
753 if (android::vold::pathExists(secdiscardable_path)) {
754 if (!android::vold::readSecdiscardable(secdiscardable_path, &secdiscardable_hash))
755 return false;
756 } else {
757 if (!android::vold::MkdirsSync(secdiscardable_path, 0700)) return false;
758 if (!android::vold::createSecdiscardable(secdiscardable_path, &secdiscardable_hash))
759 return false;
760 }
761 auto key_path = volkey_path(misc_path, volume_uuid);
762 if (!android::vold::MkdirsSync(key_path, 0700)) return false;
763 android::vold::KeyAuthentication auth(secdiscardable_hash);
764
765 EncryptionOptions options;
766 if (!get_volume_file_encryption_options(&options)) return false;
767 KeyBuffer key;
768 if (!retrieveOrGenerateKey(key_path, key_path + "_tmp", auth, makeGen(options), &key))
769 return false;
770 if (!install_storage_key(BuildDataPath(volume_uuid), options, key, policy)) return false;
771 user_policies.adoptable[volume_uuid] = *policy;
772 return true;
773 }
774
destroy_volkey(const std::string & misc_path,const std::string & volume_uuid)775 static bool destroy_volkey(const std::string& misc_path, const std::string& volume_uuid) {
776 auto path = volkey_path(misc_path, volume_uuid);
777 if (!android::vold::pathExists(path)) return true;
778 return android::vold::destroyKey(path);
779 }
780
781 // (Re-)encrypts the user's CE key with the given secret. This function handles
782 // storing the CE key for a new user for the first time. It also handles
783 // re-encrypting the CE key upon upgrade from an Android version where the CE
784 // key was stored with kEmptyAuthentication when the user didn't have an LSKF.
785 // See the comments below for the different cases handled.
fscrypt_set_ce_key_protection(userid_t user_id,const std::vector<uint8_t> & secret)786 bool fscrypt_set_ce_key_protection(userid_t user_id, const std::vector<uint8_t>& secret) {
787 LOG(DEBUG) << "fscrypt_set_ce_key_protection " << user_id;
788 if (!IsFbeEnabled()) return true;
789 auto auth = authentication_from_secret(secret);
790 if (auth.secret.empty()) {
791 LOG(ERROR) << "fscrypt_set_ce_key_protection: secret must be nonempty";
792 return false;
793 }
794 // We shouldn't store any keys for ephemeral users.
795 if (s_ephemeral_users.count(user_id) != 0) {
796 LOG(DEBUG) << "Not storing key because user is ephemeral";
797 return true;
798 }
799 KeyBuffer ce_key;
800 auto it = s_new_ce_keys.find(user_id);
801 if (it != s_new_ce_keys.end()) {
802 // If the key exists in s_new_ce_keys, then the key is a
803 // not-yet-committed key for a new user, and we are committing it here.
804 // This happens when the user's synthetic password is created.
805 ce_key = it->second;
806 } else if (ce_key_exists(user_id)) {
807 // If the key doesn't exist in s_new_ce_keys but does exist on-disk,
808 // then we are setting the protection on an existing key. This happens
809 // at upgrade time, when CE keys that were previously protected by
810 // kEmptyAuthentication are encrypted by the user's synthetic password.
811 LOG(DEBUG) << "CE key already exists on-disk; re-protecting it with the given secret";
812 if (!read_and_fixate_user_ce_key(user_id, kEmptyAuthentication, &ce_key)) {
813 // Before failing, also check whether the key is already protected
814 // with the given secret.
815 if (read_and_fixate_user_ce_key(user_id, auth, &ce_key)) {
816 LOG(INFO) << "CE key is already protected by given secret. Nothing to do.";
817 LOG(INFO) << "Errors above are for the attempt with empty auth and can be ignored.";
818 return true;
819 }
820 LOG(ERROR) << "Failed to retrieve CE key for user " << user_id;
821 // The key isn't protected by either kEmptyAuthentication or by
822 // |auth|. This should never happen, and there's nothing we can do
823 // besides return an error.
824 return false;
825 }
826 } else {
827 // If the key doesn't exist in memory or on-disk, then we need to
828 // generate it here, then commit it to disk. This is needed after the
829 // unusual case where a non-system user was created during early boot,
830 // and then the device was force-rebooted before the boot completed. In
831 // that case, the Android user record was committed but the CE key was
832 // not. So the CE key was lost, and we need to regenerate it. This
833 // should be fine, since the key should not have been used yet.
834 LOG(WARNING) << "CE key not found! Regenerating it";
835 if (!create_ce_key(user_id, false)) return false;
836 ce_key = s_new_ce_keys.find(user_id)->second;
837 }
838
839 auto const directory_path = get_ce_key_directory_path(user_id);
840 auto const paths = get_ce_key_paths(directory_path);
841 std::string ce_key_path;
842 if (!get_ce_key_new_path(directory_path, paths, &ce_key_path)) return false;
843 if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, auth, ce_key)) return false;
844
845 // Fixate the key, i.e. delete all other bindings of it. (In practice this
846 // just means the kEmptyAuthentication binding, if there is one.) However,
847 // if a userdata filesystem checkpoint is pending, then we need to delay the
848 // fixation until the checkpoint has been committed, since deleting keys
849 // from Keystore cannot be rolled back.
850 if (android::vold::cp_needsCheckpoint()) {
851 LOG(INFO) << "Deferring fixation of " << directory_path << " until checkpoint is committed";
852 s_deferred_fixations[directory_path] = ce_key_path;
853 } else {
854 s_deferred_fixations.erase(directory_path);
855 if (!fixate_user_ce_key(directory_path, ce_key_path, paths)) return false;
856 }
857
858 if (s_new_ce_keys.erase(user_id)) {
859 LOG(INFO) << "Stored CE key for new user " << user_id;
860 }
861 return true;
862 }
863
fscrypt_deferred_fixate_ce_keys()864 void fscrypt_deferred_fixate_ce_keys() {
865 for (const auto& it : s_deferred_fixations) {
866 const auto& directory_path = it.first;
867 const auto& to_fix = it.second;
868 LOG(INFO) << "Doing deferred fixation of " << directory_path;
869 fixate_user_ce_key(directory_path, to_fix, get_ce_key_paths(directory_path));
870 // Continue on error.
871 }
872 s_deferred_fixations.clear();
873 }
874
fscrypt_get_unlocked_users()875 std::vector<int> fscrypt_get_unlocked_users() {
876 std::vector<int> user_ids;
877 for (const auto& [user_id, user_policies] : s_ce_policies) {
878 user_ids.push_back(user_id);
879 }
880 return user_ids;
881 }
882
883 // Unlocks internal CE storage for the given user. This only unlocks internal storage, since
884 // fscrypt_prepare_user_storage() has to be called for each adoptable storage volume anyway (since
885 // the volume might have been absent when the user was created), and that handles the unlocking.
fscrypt_unlock_ce_storage(userid_t user_id,const std::vector<uint8_t> & secret)886 bool fscrypt_unlock_ce_storage(userid_t user_id, const std::vector<uint8_t>& secret) {
887 LOG(DEBUG) << "fscrypt_unlock_ce_storage " << user_id;
888 if (!IsFbeEnabled()) return true;
889 if (s_ce_policies.count(user_id) != 0) {
890 LOG(WARNING) << "CE storage for user " << user_id << " is already unlocked";
891 return true;
892 }
893 auto auth = authentication_from_secret(secret);
894 KeyBuffer ce_key;
895 if (!read_and_fixate_user_ce_key(user_id, auth, &ce_key)) return false;
896 EncryptionPolicy ce_policy;
897 if (!install_storage_key(DATA_MNT_POINT, s_data_options, ce_key, &ce_policy)) return false;
898 s_ce_policies[user_id].internal = ce_policy;
899 LOG(DEBUG) << "Installed CE key for user " << user_id;
900 return true;
901 }
902
903 // Locks CE storage for the given user. This locks both internal and adoptable storage.
fscrypt_lock_ce_storage(userid_t user_id)904 bool fscrypt_lock_ce_storage(userid_t user_id) {
905 LOG(DEBUG) << "fscrypt_lock_ce_storage " << user_id;
906 if (!IsFbeEnabled()) return true;
907 return evict_user_keys(s_ce_policies, user_id);
908 }
909
prepare_subdirs(const std::string & action,const std::string & volume_uuid,userid_t user_id,int flags)910 static bool prepare_subdirs(const std::string& action, const std::string& volume_uuid,
911 userid_t user_id, int flags) {
912 if (0 != android::vold::ForkExecvp(
913 std::vector<std::string>{prepare_subdirs_path, action, volume_uuid,
914 std::to_string(user_id), std::to_string(flags)})) {
915 LOG(ERROR) << "vold_prepare_subdirs failed";
916 return false;
917 }
918 return true;
919 }
920
fscrypt_prepare_user_storage(const std::string & volume_uuid,userid_t user_id,int flags)921 bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int flags) {
922 LOG(DEBUG) << "fscrypt_prepare_user_storage for volume " << escape_empty(volume_uuid)
923 << ", user " << user_id << ", flags " << flags;
924
925 // Internal storage must be prepared before adoptable storage, since the
926 // user's volume keys are stored in their internal storage.
927 if (!volume_uuid.empty()) {
928 if ((flags & android::os::IVold::STORAGE_FLAG_DE) &&
929 !android::vold::pathExists(android::vold::BuildDataMiscDePath("", user_id))) {
930 LOG(ERROR) << "Cannot prepare DE storage for user " << user_id << " on volume "
931 << volume_uuid << " before internal storage";
932 return false;
933 }
934 if ((flags & android::os::IVold::STORAGE_FLAG_CE) &&
935 !android::vold::pathExists(android::vold::BuildDataMiscCePath("", user_id))) {
936 LOG(ERROR) << "Cannot prepare CE storage for user " << user_id << " on volume "
937 << volume_uuid << " before internal storage";
938 return false;
939 }
940 }
941
942 if (flags & android::os::IVold::STORAGE_FLAG_DE) {
943 // DE_sys key
944 auto system_legacy_path = android::vold::BuildDataSystemLegacyPath(user_id);
945 auto profiles_de_path = android::vold::BuildDataProfilesDePath(user_id);
946
947 // DE_n key
948 EncryptionPolicy de_policy;
949 auto system_de_path = android::vold::BuildDataSystemDePath(user_id);
950 auto misc_de_path = android::vold::BuildDataMiscDePath(volume_uuid, user_id);
951 auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id);
952 auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
953
954 if (IsFbeEnabled()) {
955 auto it = s_de_policies.find(user_id);
956 if (it == s_de_policies.end()) {
957 LOG(ERROR) << "Cannot find DE policy for user " << user_id;
958 return false;
959 }
960 UserPolicies& user_de_policies = it->second;
961 if (volume_uuid.empty()) {
962 de_policy = user_de_policies.internal;
963 } else {
964 auto misc_de_empty_volume_path = android::vold::BuildDataMiscDePath("", user_id);
965 if (!read_or_create_volkey(misc_de_empty_volume_path, volume_uuid, user_de_policies,
966 &de_policy)) {
967 return false;
968 }
969 }
970 }
971
972 if (volume_uuid.empty()) {
973 if (!prepare_dir(system_legacy_path, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
974 if (!prepare_dir(profiles_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
975
976 if (!prepare_dir_with_policy(system_de_path, 0770, AID_SYSTEM, AID_SYSTEM, de_policy))
977 return false;
978 if (!prepare_dir_with_policy(vendor_de_path, 0771, AID_ROOT, AID_ROOT, de_policy))
979 return false;
980 }
981
982 if (!prepare_dir_with_policy(misc_de_path, 01771, AID_SYSTEM, AID_MISC, de_policy))
983 return false;
984 if (!prepare_dir_with_policy(user_de_path, 0771, AID_SYSTEM, AID_SYSTEM, de_policy))
985 return false;
986 }
987
988 if (flags & android::os::IVold::STORAGE_FLAG_CE) {
989 // CE_n key
990 EncryptionPolicy ce_policy;
991 auto system_ce_path = android::vold::BuildDataSystemCePath(user_id);
992 auto misc_ce_path = android::vold::BuildDataMiscCePath(volume_uuid, user_id);
993 auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id);
994 auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
995 auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
996
997 if (IsFbeEnabled()) {
998 auto it = s_ce_policies.find(user_id);
999 if (it == s_ce_policies.end()) {
1000 LOG(ERROR) << "Cannot find CE policy for user " << user_id;
1001 return false;
1002 }
1003 UserPolicies& user_ce_policies = it->second;
1004 if (volume_uuid.empty()) {
1005 ce_policy = user_ce_policies.internal;
1006 } else {
1007 auto misc_ce_empty_volume_path = android::vold::BuildDataMiscCePath("", user_id);
1008 if (!read_or_create_volkey(misc_ce_empty_volume_path, volume_uuid, user_ce_policies,
1009 &ce_policy)) {
1010 return false;
1011 }
1012 }
1013 }
1014
1015 if (volume_uuid.empty()) {
1016 if (!prepare_dir_with_policy(system_ce_path, 0770, AID_SYSTEM, AID_SYSTEM, ce_policy))
1017 return false;
1018 if (!prepare_dir_with_policy(vendor_ce_path, 0771, AID_ROOT, AID_ROOT, ce_policy))
1019 return false;
1020 }
1021 if (!prepare_dir_with_policy(media_ce_path, 02770, AID_MEDIA_RW, AID_MEDIA_RW, ce_policy))
1022 return false;
1023 // On devices without sdcardfs (kernel 5.4+), the path permissions aren't fixed
1024 // up automatically; therefore, use a default ACL, to ensure apps with MEDIA_RW
1025 // can keep reading external storage; in particular, this allows app cloning
1026 // scenarios to work correctly on such devices.
1027 int ret = SetDefaultAcl(media_ce_path, 02770, AID_MEDIA_RW, AID_MEDIA_RW, {AID_MEDIA_RW});
1028 if (ret != android::OK) {
1029 return false;
1030 }
1031 if (!prepare_dir_with_policy(misc_ce_path, 01771, AID_SYSTEM, AID_MISC, ce_policy))
1032 return false;
1033 if (!prepare_dir_with_policy(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM, ce_policy))
1034 return false;
1035
1036 if (volume_uuid.empty()) {
1037 // Now that credentials have been installed, we can run restorecon
1038 // over these paths
1039 // NOTE: these paths need to be kept in sync with libselinux
1040 android::vold::RestoreconRecursive(system_ce_path);
1041 android::vold::RestoreconRecursive(vendor_ce_path);
1042 android::vold::RestoreconRecursive(misc_ce_path);
1043 }
1044 }
1045 if (!prepare_subdirs("prepare", volume_uuid, user_id, flags)) return false;
1046
1047 return true;
1048 }
1049
fscrypt_destroy_user_storage(const std::string & volume_uuid,userid_t user_id,int flags)1050 bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags) {
1051 LOG(DEBUG) << "fscrypt_destroy_user_storage for volume " << escape_empty(volume_uuid)
1052 << ", user " << user_id << ", flags " << flags;
1053 bool res = true;
1054
1055 res &= prepare_subdirs("destroy", volume_uuid, user_id, flags);
1056
1057 if (flags & android::os::IVold::STORAGE_FLAG_CE) {
1058 // CE_n key
1059 auto system_ce_path = android::vold::BuildDataSystemCePath(user_id);
1060 auto misc_ce_path = android::vold::BuildDataMiscCePath(volume_uuid, user_id);
1061 auto vendor_ce_path = android::vold::BuildDataVendorCePath(user_id);
1062 auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
1063 auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
1064
1065 res &= destroy_dir(media_ce_path);
1066 res &= destroy_dir(misc_ce_path);
1067 res &= destroy_dir(user_ce_path);
1068 if (volume_uuid.empty()) {
1069 res &= destroy_dir(system_ce_path);
1070 res &= destroy_dir(vendor_ce_path);
1071 } else {
1072 if (IsFbeEnabled()) {
1073 auto misc_ce_empty_volume_path = android::vold::BuildDataMiscCePath("", user_id);
1074 res &= destroy_volkey(misc_ce_empty_volume_path, volume_uuid);
1075 }
1076 }
1077 }
1078
1079 if (flags & android::os::IVold::STORAGE_FLAG_DE) {
1080 // DE_sys key
1081 auto system_legacy_path = android::vold::BuildDataSystemLegacyPath(user_id);
1082 auto profiles_de_path = android::vold::BuildDataProfilesDePath(user_id);
1083
1084 // DE_n key
1085 auto system_de_path = android::vold::BuildDataSystemDePath(user_id);
1086 auto misc_de_path = android::vold::BuildDataMiscDePath(volume_uuid, user_id);
1087 auto vendor_de_path = android::vold::BuildDataVendorDePath(user_id);
1088 auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
1089
1090 res &= destroy_dir(user_de_path);
1091 res &= destroy_dir(misc_de_path);
1092 if (volume_uuid.empty()) {
1093 res &= destroy_dir(system_legacy_path);
1094 res &= destroy_dir(profiles_de_path);
1095 res &= destroy_dir(system_de_path);
1096 res &= destroy_dir(vendor_de_path);
1097 } else {
1098 if (IsFbeEnabled()) {
1099 auto misc_de_empty_volume_path = android::vold::BuildDataMiscDePath("", user_id);
1100 res &= destroy_volkey(misc_de_empty_volume_path, volume_uuid);
1101 }
1102 }
1103 }
1104
1105 return res;
1106 }
1107
destroy_volume_keys(const std::string & directory_path,const std::string & volume_uuid)1108 static bool destroy_volume_keys(const std::string& directory_path, const std::string& volume_uuid) {
1109 auto dirp = std::unique_ptr<DIR, int (*)(DIR*)>(opendir(directory_path.c_str()), closedir);
1110 if (!dirp) {
1111 PLOG(ERROR) << "Unable to open directory: " + directory_path;
1112 return false;
1113 }
1114 bool res = true;
1115 for (;;) {
1116 errno = 0;
1117 auto const entry = readdir(dirp.get());
1118 if (!entry) {
1119 if (errno) {
1120 PLOG(ERROR) << "Unable to read directory: " + directory_path;
1121 return false;
1122 }
1123 break;
1124 }
1125 if (IsDotOrDotDot(*entry)) continue;
1126 if (entry->d_type != DT_DIR || entry->d_name[0] == '.') {
1127 LOG(DEBUG) << "Skipping non-user " << entry->d_name;
1128 continue;
1129 }
1130 res &= destroy_volkey(directory_path + "/" + entry->d_name, volume_uuid);
1131 }
1132 return res;
1133 }
1134
erase_volume_policies(std::map<userid_t,UserPolicies> & policy_map,const std::string & volume_uuid)1135 static void erase_volume_policies(std::map<userid_t, UserPolicies>& policy_map,
1136 const std::string& volume_uuid) {
1137 for (auto& [user_id, user_policies] : policy_map) {
1138 user_policies.adoptable.erase(volume_uuid);
1139 }
1140 }
1141
1142 // Destroys all CE and DE keys for an adoptable storage volume that is permanently going away.
1143 // Requires VolumeManager::mCryptLock.
fscrypt_destroy_volume_keys(const std::string & volume_uuid)1144 bool fscrypt_destroy_volume_keys(const std::string& volume_uuid) {
1145 if (!IsFbeEnabled()) return true;
1146 bool res = true;
1147 LOG(DEBUG) << "fscrypt_destroy_volume_keys for volume " << escape_empty(volume_uuid);
1148 auto secdiscardable_path = volume_secdiscardable_path(volume_uuid);
1149 res &= android::vold::runSecdiscardSingle(secdiscardable_path);
1150 res &= destroy_volume_keys("/data/misc_ce", volume_uuid);
1151 res &= destroy_volume_keys("/data/misc_de", volume_uuid);
1152 // Drop the CE and DE policies stored in memory, as they are not needed anymore. Note that it's
1153 // not necessary to also evict the corresponding keys from the kernel, as that happens
1154 // automatically as a result of the volume being unmounted.
1155 erase_volume_policies(s_ce_policies, volume_uuid);
1156 erase_volume_policies(s_de_policies, volume_uuid);
1157 return res;
1158 }
1159