1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <stdio.h> 20 #include <stdint.h> 21 #include <stdbool.h> 22 #include <linux/dm-ioctl.h> 23 24 #include <functional> 25 #include <optional> 26 #include <string> 27 28 #include <fstab/fstab.h> 29 30 // Magic number at start of verity metadata 31 #define VERITY_METADATA_MAGIC_NUMBER 0xb001b001 32 33 // Replacement magic number at start of verity metadata to cleanly 34 // turn verity off in userdebug builds. 35 #define VERITY_METADATA_MAGIC_DISABLE 0x46464f56 // "VOFF" 36 37 // Verity modes 38 enum verity_mode { 39 VERITY_MODE_EIO = 0, 40 VERITY_MODE_LOGGING = 1, 41 VERITY_MODE_RESTART = 2, 42 VERITY_MODE_LAST = VERITY_MODE_RESTART, 43 VERITY_MODE_DEFAULT = VERITY_MODE_RESTART 44 }; 45 46 // Mount modes 47 enum mount_mode { 48 MOUNT_MODE_DEFAULT = 0, 49 MOUNT_MODE_EARLY = 1, 50 MOUNT_MODE_LATE = 2, 51 // TODO(b/135984674): remove this after refactoring fs_mgr_mount_all. 52 MOUNT_MODE_ONLY_USERDATA = 3 53 }; 54 55 #define FS_MGR_MNTALL_DEV_IS_METADATA_ENCRYPTED 7 56 #define FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION 6 57 #define FS_MGR_MNTALL_DEV_FILE_ENCRYPTED 5 58 #define FS_MGR_MNTALL_DEV_NEEDS_RECOVERY 4 59 #define FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE 0 60 #define FS_MGR_MNTALL_FAIL (-1) 61 62 struct MountAllResult { 63 // One of the FS_MGR_MNTALL_* returned code defined above. 64 int code; 65 // Whether userdata was mounted as a result of |fs_mgr_mount_all| call. 66 bool userdata_mounted; 67 }; 68 69 struct HashtreeInfo { 70 // The hash algorithm used to build the merkle tree. 71 std::string algorithm; 72 // The root digest of the merkle tree. 73 std::string root_digest; 74 // If check_at_most_once is enabled. 75 bool check_at_most_once; 76 }; 77 78 // fs_mgr_mount_all() updates fstab entries that reference device-mapper. 79 // Returns a |MountAllResult|. The first element is one of the FS_MNG_MNTALL_* return codes 80 // defined above, and the second element tells whether this call to fs_mgr_mount_all was responsible 81 // for mounting userdata. Later is required for init to correctly enqueue fs-related events as part 82 // of userdata remount during userspace reboot. 83 MountAllResult fs_mgr_mount_all(android::fs_mgr::Fstab* fstab, int mount_mode); 84 85 #define FS_MGR_DOMNT_FAILED (-1) 86 #define FS_MGR_DOMNT_BUSY (-2) 87 #define FS_MGR_DOMNT_SUCCESS 0 88 int fs_mgr_do_mount(android::fs_mgr::Fstab* fstab, const std::string& n_name, 89 const std::string& n_blk_device, int needs_checkpoint, bool needs_encrypt); 90 int fs_mgr_do_mount_one(const android::fs_mgr::FstabEntry& entry, 91 const std::string& mount_point = ""); 92 bool fs_mgr_load_verity_state(int* mode); 93 // Returns true if verity is enabled on this particular FstabEntry. 94 bool fs_mgr_is_verity_enabled(const android::fs_mgr::FstabEntry& entry); 95 // Returns the verity hashtree information of this particular FstabEntry. Returns std::nullopt 96 // if the input isn't a dm-verity entry, or if there is an error. 97 std::optional<HashtreeInfo> fs_mgr_get_hashtree_info(const android::fs_mgr::FstabEntry& entry); 98 99 bool fs_mgr_swapon_all(const android::fs_mgr::Fstab& fstab); 100 bool fs_mgr_update_logical_partition(android::fs_mgr::FstabEntry* entry); 101 102 // Returns true if the given fstab entry has verity enabled, *and* the verity 103 // device is in "check_at_most_once" mode. 104 bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry); 105 106 int fs_mgr_do_format(const android::fs_mgr::FstabEntry& entry); 107 108 #define FS_MGR_SETUP_VERITY_SKIPPED (-3) 109 #define FS_MGR_SETUP_VERITY_DISABLED (-2) 110 #define FS_MGR_SETUP_VERITY_FAIL (-1) 111 #define FS_MGR_SETUP_VERITY_SUCCESS 0 112 int fs_mgr_setup_verity(android::fs_mgr::FstabEntry* fstab, bool wait_for_verity_dev); 113 114 // Return the name of the super partition if it exists. If a slot number is 115 // specified, the super partition for the corresponding metadata slot will be 116 // returned. Otherwise, it will use the current slot. 117 std::string fs_mgr_get_super_partition_name(int slot = -1); 118 119 enum FsMgrUmountStatus : int { 120 SUCCESS = 0, 121 ERROR_UNKNOWN = 1 << 0, 122 ERROR_UMOUNT = 1 << 1, 123 ERROR_VERITY = 1 << 2, 124 ERROR_DEVICE_MAPPER = 1 << 3, 125 }; 126 // fs_mgr_umount_all() is the reverse of fs_mgr_mount_all. In particular, 127 // it destroys verity devices from device mapper after the device is unmounted. 128 int fs_mgr_umount_all(android::fs_mgr::Fstab* fstab); 129 130 // Finds a entry in |fstab| that was used to mount a /data on |data_block_device|. 131 android::fs_mgr::FstabEntry* fs_mgr_get_mounted_entry_for_userdata( 132 android::fs_mgr::Fstab* fstab, const std::string& data_block_device); 133 int fs_mgr_remount_userdata_into_checkpointing(android::fs_mgr::Fstab* fstab); 134 135 // Finds the dm_bow device on which this block device is stacked, or returns 136 // empty string 137 std::string fs_mgr_find_bow_device(const std::string& block_device); 138 139 // Creates mount point if not already existed, and checks that mount point is a 140 // canonical path that doesn't contain any symbolic link or /../. 141 bool fs_mgr_create_canonical_mount_point(const std::string& mount_point); 142 143 // Like fs_mgr_do_mount_one() but for overlayfs fstab entries. 144 // Unlike fs_mgr_overlayfs, mount overlayfs without upperdir and workdir, so the 145 // filesystem cannot be remount read-write. 146 bool fs_mgr_mount_overlayfs_fstab_entry(const android::fs_mgr::FstabEntry& entry); 147