1 /*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <stdio.h>
18 #include <stdlib.h>
19 #include <string.h>
20 #include <unistd.h>
21 #include <fcntl.h>
22 #include <ctype.h>
23 #include <sys/mount.h>
24 #include <sys/stat.h>
25 #include <errno.h>
26 #include <sys/types.h>
27 #include <sys/wait.h>
28 #include <libgen.h>
29 #include <time.h>
30 #include <sys/swap.h>
31 #include <dirent.h>
32 #include <ext4.h>
33 #include <ext4_sb.h>
34 #include <ext4_crypt_init_extensions.h>
35
36 #include <linux/loop.h>
37 #include <private/android_filesystem_config.h>
38 #include <cutils/android_reboot.h>
39 #include <cutils/partition_utils.h>
40 #include <cutils/properties.h>
41 #include <logwrap/logwrap.h>
42
43 #include "mincrypt/rsa.h"
44 #include "mincrypt/sha.h"
45 #include "mincrypt/sha256.h"
46
47 #include "ext4_utils.h"
48 #include "wipe.h"
49
50 #include "fs_mgr_priv.h"
51 #include "fs_mgr_priv_verity.h"
52
53 #define KEY_LOC_PROP "ro.crypto.keyfile.userdata"
54 #define KEY_IN_FOOTER "footer"
55
56 #define E2FSCK_BIN "/system/bin/e2fsck"
57 #define F2FS_FSCK_BIN "/system/bin/fsck.f2fs"
58 #define MKSWAP_BIN "/system/bin/mkswap"
59
60 #define FSCK_LOG_FILE "/dev/fscklogs/log"
61
62 #define ZRAM_CONF_DEV "/sys/block/zram0/disksize"
63
64 #define ARRAY_SIZE(a) (sizeof(a) / sizeof(*(a)))
65
66 /*
67 * gettime() - returns the time in seconds of the system's monotonic clock or
68 * zero on error.
69 */
gettime(void)70 static time_t gettime(void)
71 {
72 struct timespec ts;
73 int ret;
74
75 ret = clock_gettime(CLOCK_MONOTONIC, &ts);
76 if (ret < 0) {
77 ERROR("clock_gettime(CLOCK_MONOTONIC) failed: %s\n", strerror(errno));
78 return 0;
79 }
80
81 return ts.tv_sec;
82 }
83
wait_for_file(const char * filename,int timeout)84 static int wait_for_file(const char *filename, int timeout)
85 {
86 struct stat info;
87 time_t timeout_time = gettime() + timeout;
88 int ret = -1;
89
90 while (gettime() < timeout_time && ((ret = stat(filename, &info)) < 0))
91 usleep(10000);
92
93 return ret;
94 }
95
check_fs(char * blk_device,char * fs_type,char * target)96 static void check_fs(char *blk_device, char *fs_type, char *target)
97 {
98 int status;
99 int ret;
100 long tmpmnt_flags = MS_NOATIME | MS_NOEXEC | MS_NOSUID;
101 char tmpmnt_opts[64] = "errors=remount-ro";
102 char *e2fsck_argv[] = {
103 E2FSCK_BIN,
104 "-f",
105 "-y",
106 blk_device
107 };
108
109 /* Check for the types of filesystems we know how to check */
110 if (!strcmp(fs_type, "ext2") || !strcmp(fs_type, "ext3") || !strcmp(fs_type, "ext4")) {
111 /*
112 * First try to mount and unmount the filesystem. We do this because
113 * the kernel is more efficient than e2fsck in running the journal and
114 * processing orphaned inodes, and on at least one device with a
115 * performance issue in the emmc firmware, it can take e2fsck 2.5 minutes
116 * to do what the kernel does in about a second.
117 *
118 * After mounting and unmounting the filesystem, run e2fsck, and if an
119 * error is recorded in the filesystem superblock, e2fsck will do a full
120 * check. Otherwise, it does nothing. If the kernel cannot mount the
121 * filesytsem due to an error, e2fsck is still run to do a full check
122 * fix the filesystem.
123 */
124 errno = 0;
125 if (!strcmp(fs_type, "ext4")) {
126 // This option is only valid with ext4
127 strlcat(tmpmnt_opts, ",nomblk_io_submit", sizeof(tmpmnt_opts));
128 }
129 ret = mount(blk_device, target, fs_type, tmpmnt_flags, tmpmnt_opts);
130 INFO("%s(): mount(%s,%s,%s)=%d: %s\n",
131 __func__, blk_device, target, fs_type, ret, strerror(errno));
132 if (!ret) {
133 int i;
134 for (i = 0; i < 5; i++) {
135 // Try to umount 5 times before continuing on.
136 // Should we try rebooting if all attempts fail?
137 int result = umount(target);
138 if (result == 0) {
139 INFO("%s(): unmount(%s) succeeded\n", __func__, target);
140 break;
141 }
142 ERROR("%s(): umount(%s)=%d: %s\n", __func__, target, result, strerror(errno));
143 sleep(1);
144 }
145 }
146
147 /*
148 * Some system images do not have e2fsck for licensing reasons
149 * (e.g. recent SDK system images). Detect these and skip the check.
150 */
151 if (access(E2FSCK_BIN, X_OK)) {
152 INFO("Not running %s on %s (executable not in system image)\n",
153 E2FSCK_BIN, blk_device);
154 } else {
155 INFO("Running %s on %s\n", E2FSCK_BIN, blk_device);
156
157 ret = android_fork_execvp_ext(ARRAY_SIZE(e2fsck_argv), e2fsck_argv,
158 &status, true, LOG_KLOG | LOG_FILE,
159 true, FSCK_LOG_FILE, NULL, 0);
160
161 if (ret < 0) {
162 /* No need to check for error in fork, we can't really handle it now */
163 ERROR("Failed trying to run %s\n", E2FSCK_BIN);
164 }
165 }
166 } else if (!strcmp(fs_type, "f2fs")) {
167 char *f2fs_fsck_argv[] = {
168 F2FS_FSCK_BIN,
169 "-a",
170 blk_device
171 };
172 INFO("Running %s -a %s\n", F2FS_FSCK_BIN, blk_device);
173
174 ret = android_fork_execvp_ext(ARRAY_SIZE(f2fs_fsck_argv), f2fs_fsck_argv,
175 &status, true, LOG_KLOG | LOG_FILE,
176 true, FSCK_LOG_FILE, NULL, 0);
177 if (ret < 0) {
178 /* No need to check for error in fork, we can't really handle it now */
179 ERROR("Failed trying to run %s\n", F2FS_FSCK_BIN);
180 }
181 }
182
183 return;
184 }
185
remove_trailing_slashes(char * n)186 static void remove_trailing_slashes(char *n)
187 {
188 int len;
189
190 len = strlen(n) - 1;
191 while ((*(n + len) == '/') && len) {
192 *(n + len) = '\0';
193 len--;
194 }
195 }
196
197 /*
198 * Mark the given block device as read-only, using the BLKROSET ioctl.
199 * Return 0 on success, and -1 on error.
200 */
fs_mgr_set_blk_ro(const char * blockdev)201 int fs_mgr_set_blk_ro(const char *blockdev)
202 {
203 int fd;
204 int rc = -1;
205 int ON = 1;
206
207 fd = TEMP_FAILURE_RETRY(open(blockdev, O_RDONLY | O_CLOEXEC));
208 if (fd < 0) {
209 // should never happen
210 return rc;
211 }
212
213 rc = ioctl(fd, BLKROSET, &ON);
214 close(fd);
215
216 return rc;
217 }
218
219 /*
220 * __mount(): wrapper around the mount() system call which also
221 * sets the underlying block device to read-only if the mount is read-only.
222 * See "man 2 mount" for return values.
223 */
__mount(const char * source,const char * target,const struct fstab_rec * rec)224 static int __mount(const char *source, const char *target, const struct fstab_rec *rec)
225 {
226 unsigned long mountflags = rec->flags;
227 int ret;
228 int save_errno;
229
230 /* We need this because sometimes we have legacy symlinks
231 * that are lingering around and need cleaning up.
232 */
233 struct stat info;
234 if (!lstat(target, &info))
235 if ((info.st_mode & S_IFMT) == S_IFLNK)
236 unlink(target);
237 mkdir(target, 0755);
238 ret = mount(source, target, rec->fs_type, mountflags, rec->fs_options);
239 save_errno = errno;
240 INFO("%s(source=%s,target=%s,type=%s)=%d\n", __func__, source, target, rec->fs_type, ret);
241 if ((ret == 0) && (mountflags & MS_RDONLY) != 0) {
242 fs_mgr_set_blk_ro(source);
243 }
244 errno = save_errno;
245 return ret;
246 }
247
fs_match(char * in1,char * in2)248 static int fs_match(char *in1, char *in2)
249 {
250 char *n1;
251 char *n2;
252 int ret;
253
254 n1 = strdup(in1);
255 n2 = strdup(in2);
256
257 remove_trailing_slashes(n1);
258 remove_trailing_slashes(n2);
259
260 ret = !strcmp(n1, n2);
261
262 free(n1);
263 free(n2);
264
265 return ret;
266 }
267
device_is_debuggable()268 static int device_is_debuggable() {
269 int ret = -1;
270 char value[PROP_VALUE_MAX];
271 ret = __system_property_get("ro.debuggable", value);
272 if (ret < 0)
273 return ret;
274 return strcmp(value, "1") ? 0 : 1;
275 }
276
device_is_secure()277 static int device_is_secure() {
278 int ret = -1;
279 char value[PROP_VALUE_MAX];
280 ret = __system_property_get("ro.secure", value);
281 /* If error, we want to fail secure */
282 if (ret < 0)
283 return 1;
284 return strcmp(value, "0") ? 1 : 0;
285 }
286
device_is_force_encrypted()287 static int device_is_force_encrypted() {
288 int ret = -1;
289 char value[PROP_VALUE_MAX];
290 ret = __system_property_get("ro.vold.forceencryption", value);
291 if (ret < 0)
292 return 0;
293 return strcmp(value, "1") ? 0 : 1;
294 }
295
296 /*
297 * Tries to mount any of the consecutive fstab entries that match
298 * the mountpoint of the one given by fstab->recs[start_idx].
299 *
300 * end_idx: On return, will be the last rec that was looked at.
301 * attempted_idx: On return, will indicate which fstab rec
302 * succeeded. In case of failure, it will be the start_idx.
303 * Returns
304 * -1 on failure with errno set to match the 1st mount failure.
305 * 0 on success.
306 */
mount_with_alternatives(struct fstab * fstab,int start_idx,int * end_idx,int * attempted_idx)307 static int mount_with_alternatives(struct fstab *fstab, int start_idx, int *end_idx, int *attempted_idx)
308 {
309 int i;
310 int mount_errno = 0;
311 int mounted = 0;
312
313 if (!end_idx || !attempted_idx || start_idx >= fstab->num_entries) {
314 errno = EINVAL;
315 if (end_idx) *end_idx = start_idx;
316 if (attempted_idx) *end_idx = start_idx;
317 return -1;
318 }
319
320 /* Hunt down an fstab entry for the same mount point that might succeed */
321 for (i = start_idx;
322 /* We required that fstab entries for the same mountpoint be consecutive */
323 i < fstab->num_entries && !strcmp(fstab->recs[start_idx].mount_point, fstab->recs[i].mount_point);
324 i++) {
325 /*
326 * Don't try to mount/encrypt the same mount point again.
327 * Deal with alternate entries for the same point which are required to be all following
328 * each other.
329 */
330 if (mounted) {
331 ERROR("%s(): skipping fstab dup mountpoint=%s rec[%d].fs_type=%s already mounted as %s.\n", __func__,
332 fstab->recs[i].mount_point, i, fstab->recs[i].fs_type, fstab->recs[*attempted_idx].fs_type);
333 continue;
334 }
335
336 if (fstab->recs[i].fs_mgr_flags & MF_CHECK) {
337 check_fs(fstab->recs[i].blk_device, fstab->recs[i].fs_type,
338 fstab->recs[i].mount_point);
339 }
340 if (!__mount(fstab->recs[i].blk_device, fstab->recs[i].mount_point, &fstab->recs[i])) {
341 *attempted_idx = i;
342 mounted = 1;
343 if (i != start_idx) {
344 ERROR("%s(): Mounted %s on %s with fs_type=%s instead of %s\n", __func__,
345 fstab->recs[i].blk_device, fstab->recs[i].mount_point, fstab->recs[i].fs_type,
346 fstab->recs[start_idx].fs_type);
347 }
348 } else {
349 /* back up errno for crypto decisions */
350 mount_errno = errno;
351 }
352 }
353
354 /* Adjust i for the case where it was still withing the recs[] */
355 if (i < fstab->num_entries) --i;
356
357 *end_idx = i;
358 if (!mounted) {
359 *attempted_idx = start_idx;
360 errno = mount_errno;
361 return -1;
362 }
363 return 0;
364 }
365
translate_ext_labels(struct fstab_rec * rec)366 static int translate_ext_labels(struct fstab_rec *rec)
367 {
368 DIR *blockdir = NULL;
369 struct dirent *ent;
370 char *label;
371 size_t label_len;
372 int ret = -1;
373
374 if (strncmp(rec->blk_device, "LABEL=", 6))
375 return 0;
376
377 label = rec->blk_device + 6;
378 label_len = strlen(label);
379
380 if (label_len > 16) {
381 ERROR("FS label is longer than allowed by filesystem\n");
382 goto out;
383 }
384
385
386 blockdir = opendir("/dev/block");
387 if (!blockdir) {
388 ERROR("couldn't open /dev/block\n");
389 goto out;
390 }
391
392 while ((ent = readdir(blockdir))) {
393 int fd;
394 char super_buf[1024];
395 struct ext4_super_block *sb;
396
397 if (ent->d_type != DT_BLK)
398 continue;
399
400 fd = openat(dirfd(blockdir), ent->d_name, O_RDONLY);
401 if (fd < 0) {
402 ERROR("Cannot open block device /dev/block/%s\n", ent->d_name);
403 goto out;
404 }
405
406 if (TEMP_FAILURE_RETRY(lseek(fd, 1024, SEEK_SET)) < 0 ||
407 TEMP_FAILURE_RETRY(read(fd, super_buf, 1024)) != 1024) {
408 /* Probably a loopback device or something else without a readable
409 * superblock.
410 */
411 close(fd);
412 continue;
413 }
414
415 sb = (struct ext4_super_block *)super_buf;
416 if (sb->s_magic != EXT4_SUPER_MAGIC) {
417 INFO("/dev/block/%s not ext{234}\n", ent->d_name);
418 continue;
419 }
420
421 if (!strncmp(label, sb->s_volume_name, label_len)) {
422 char *new_blk_device;
423
424 if (asprintf(&new_blk_device, "/dev/block/%s", ent->d_name) < 0) {
425 ERROR("Could not allocate block device string\n");
426 goto out;
427 }
428
429 INFO("resolved label %s to %s\n", rec->blk_device, new_blk_device);
430
431 free(rec->blk_device);
432 rec->blk_device = new_blk_device;
433 ret = 0;
434 break;
435 }
436 }
437
438 out:
439 closedir(blockdir);
440 return ret;
441 }
442
needs_block_encryption(const struct fstab_rec * rec)443 static bool needs_block_encryption(const struct fstab_rec* rec)
444 {
445 if (device_is_force_encrypted() && fs_mgr_is_encryptable(rec)) return true;
446 if (rec->fs_mgr_flags & MF_FORCECRYPT) return true;
447 if (rec->fs_mgr_flags & MF_CRYPT) {
448 /* Check for existence of convert_fde breadcrumb file */
449 char convert_fde_name[PATH_MAX];
450 snprintf(convert_fde_name, sizeof(convert_fde_name),
451 "%s/misc/vold/convert_fde", rec->mount_point);
452 if (access(convert_fde_name, F_OK) == 0) return true;
453 }
454 if (rec->fs_mgr_flags & MF_FORCEFDEORFBE) {
455 /* Check for absence of convert_fbe breadcrumb file */
456 char convert_fbe_name[PATH_MAX];
457 snprintf(convert_fbe_name, sizeof(convert_fbe_name),
458 "%s/convert_fbe", rec->mount_point);
459 if (access(convert_fbe_name, F_OK) != 0) return true;
460 }
461 return false;
462 }
463
464 // Check to see if a mountable volume has encryption requirements
handle_encryptable(const struct fstab_rec * rec)465 static int handle_encryptable(const struct fstab_rec* rec)
466 {
467 /* If this is block encryptable, need to trigger encryption */
468 if (needs_block_encryption(rec)) {
469 if (umount(rec->mount_point) == 0) {
470 return FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION;
471 } else {
472 WARNING("Could not umount %s (%s) - allow continue unencrypted\n",
473 rec->mount_point, strerror(errno));
474 return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
475 }
476 } else if (rec->fs_mgr_flags & (MF_FILEENCRYPTION | MF_FORCEFDEORFBE)) {
477 // Deal with file level encryption
478 INFO("%s is file encrypted\n", rec->mount_point);
479 return FS_MGR_MNTALL_DEV_FILE_ENCRYPTED;
480 } else if (fs_mgr_is_encryptable(rec)) {
481 return FS_MGR_MNTALL_DEV_NOT_ENCRYPTED;
482 } else {
483 return FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE;
484 }
485 }
486
487 /* When multiple fstab records share the same mount_point, it will
488 * try to mount each one in turn, and ignore any duplicates after a
489 * first successful mount.
490 * Returns -1 on error, and FS_MGR_MNTALL_* otherwise.
491 */
fs_mgr_mount_all(struct fstab * fstab,int mount_mode)492 int fs_mgr_mount_all(struct fstab *fstab, int mount_mode)
493 {
494 int i = 0;
495 int encryptable = FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE;
496 int error_count = 0;
497 int mret = -1;
498 int mount_errno = 0;
499 int attempted_idx = -1;
500
501 if (!fstab) {
502 return -1;
503 }
504
505 for (i = 0; i < fstab->num_entries; i++) {
506 /* Don't mount entries that are managed by vold or not for the mount mode*/
507 if ((fstab->recs[i].fs_mgr_flags & (MF_VOLDMANAGED | MF_RECOVERYONLY)) ||
508 ((mount_mode == MOUNT_MODE_LATE) && !fs_mgr_is_latemount(&fstab->recs[i])) ||
509 ((mount_mode == MOUNT_MODE_EARLY) && fs_mgr_is_latemount(&fstab->recs[i]))) {
510 continue;
511 }
512
513 /* Skip swap and raw partition entries such as boot, recovery, etc */
514 if (!strcmp(fstab->recs[i].fs_type, "swap") ||
515 !strcmp(fstab->recs[i].fs_type, "emmc") ||
516 !strcmp(fstab->recs[i].fs_type, "mtd")) {
517 continue;
518 }
519
520 /* Skip mounting the root partition, as it will already have been mounted */
521 if (!strcmp(fstab->recs[i].mount_point, "/")) {
522 if ((fstab->recs[i].fs_mgr_flags & MS_RDONLY) != 0) {
523 fs_mgr_set_blk_ro(fstab->recs[i].blk_device);
524 }
525 continue;
526 }
527
528 /* Translate LABEL= file system labels into block devices */
529 if (!strcmp(fstab->recs[i].fs_type, "ext2") ||
530 !strcmp(fstab->recs[i].fs_type, "ext3") ||
531 !strcmp(fstab->recs[i].fs_type, "ext4")) {
532 int tret = translate_ext_labels(&fstab->recs[i]);
533 if (tret < 0) {
534 ERROR("Could not translate label to block device\n");
535 continue;
536 }
537 }
538
539 if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
540 wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
541 }
542
543 if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
544 int rc = fs_mgr_setup_verity(&fstab->recs[i]);
545 if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
546 INFO("Verity disabled");
547 } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
548 ERROR("Could not set up verified partition, skipping!\n");
549 continue;
550 }
551 }
552 int last_idx_inspected;
553 int top_idx = i;
554
555 mret = mount_with_alternatives(fstab, i, &last_idx_inspected, &attempted_idx);
556 i = last_idx_inspected;
557 mount_errno = errno;
558
559 /* Deal with encryptability. */
560 if (!mret) {
561 int status = handle_encryptable(&fstab->recs[attempted_idx]);
562
563 if (status == FS_MGR_MNTALL_FAIL) {
564 /* Fatal error - no point continuing */
565 return status;
566 }
567
568 if (status != FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) {
569 if (encryptable != FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE) {
570 // Log and continue
571 ERROR("Only one encryptable/encrypted partition supported\n");
572 }
573 encryptable = status;
574 }
575
576 /* Success! Go get the next one */
577 continue;
578 }
579
580 /* mount(2) returned an error, handle the encryptable/formattable case */
581 bool wiped = partition_wiped(fstab->recs[top_idx].blk_device);
582 if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
583 fs_mgr_is_formattable(&fstab->recs[top_idx]) && wiped) {
584 /* top_idx and attempted_idx point at the same partition, but sometimes
585 * at two different lines in the fstab. Use the top one for formatting
586 * as that is the preferred one.
587 */
588 ERROR("%s(): %s is wiped and %s %s is formattable. Format it.\n", __func__,
589 fstab->recs[top_idx].blk_device, fstab->recs[top_idx].mount_point,
590 fstab->recs[top_idx].fs_type);
591 if (fs_mgr_is_encryptable(&fstab->recs[top_idx]) &&
592 strcmp(fstab->recs[top_idx].key_loc, KEY_IN_FOOTER)) {
593 int fd = open(fstab->recs[top_idx].key_loc, O_WRONLY, 0644);
594 if (fd >= 0) {
595 INFO("%s(): also wipe %s\n", __func__, fstab->recs[top_idx].key_loc);
596 wipe_block_device(fd, get_file_size(fd));
597 close(fd);
598 } else {
599 ERROR("%s(): %s wouldn't open (%s)\n", __func__,
600 fstab->recs[top_idx].key_loc, strerror(errno));
601 }
602 }
603 if (fs_mgr_do_format(&fstab->recs[top_idx]) == 0) {
604 /* Let's replay the mount actions. */
605 i = top_idx - 1;
606 continue;
607 } else {
608 ERROR("%s(): Format failed. Suggest recovery...\n", __func__);
609 encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
610 continue;
611 }
612 }
613 if (mret && mount_errno != EBUSY && mount_errno != EACCES &&
614 fs_mgr_is_encryptable(&fstab->recs[attempted_idx])) {
615 if (wiped) {
616 ERROR("%s(): %s is wiped and %s %s is encryptable. Suggest recovery...\n", __func__,
617 fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
618 fstab->recs[attempted_idx].fs_type);
619 encryptable = FS_MGR_MNTALL_DEV_NEEDS_RECOVERY;
620 continue;
621 } else {
622 /* Need to mount a tmpfs at this mountpoint for now, and set
623 * properties that vold will query later for decrypting
624 */
625 ERROR("%s(): possibly an encryptable blkdev %s for mount %s type %s )\n", __func__,
626 fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
627 fstab->recs[attempted_idx].fs_type);
628 if (fs_mgr_do_tmpfs_mount(fstab->recs[attempted_idx].mount_point) < 0) {
629 ++error_count;
630 continue;
631 }
632 }
633 encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
634 } else {
635 if (fs_mgr_is_nofail(&fstab->recs[attempted_idx])) {
636 ERROR("Ignoring failure to mount an un-encryptable or wiped partition on"
637 "%s at %s options: %s error: %s\n",
638 fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
639 fstab->recs[attempted_idx].fs_options, strerror(mount_errno));
640 } else {
641 ERROR("Failed to mount an un-encryptable or wiped partition on"
642 "%s at %s options: %s error: %s\n",
643 fstab->recs[attempted_idx].blk_device, fstab->recs[attempted_idx].mount_point,
644 fstab->recs[attempted_idx].fs_options, strerror(mount_errno));
645 ++error_count;
646 }
647 continue;
648 }
649 }
650
651 if (error_count) {
652 return -1;
653 } else {
654 return encryptable;
655 }
656 }
657
658 /* If tmp_mount_point is non-null, mount the filesystem there. This is for the
659 * tmp mount we do to check the user password
660 * If multiple fstab entries are to be mounted on "n_name", it will try to mount each one
661 * in turn, and stop on 1st success, or no more match.
662 */
fs_mgr_do_mount(struct fstab * fstab,char * n_name,char * n_blk_device,char * tmp_mount_point)663 int fs_mgr_do_mount(struct fstab *fstab, char *n_name, char *n_blk_device,
664 char *tmp_mount_point)
665 {
666 int i = 0;
667 int ret = FS_MGR_DOMNT_FAILED;
668 int mount_errors = 0;
669 int first_mount_errno = 0;
670 char *m;
671
672 if (!fstab) {
673 return ret;
674 }
675
676 for (i = 0; i < fstab->num_entries; i++) {
677 if (!fs_match(fstab->recs[i].mount_point, n_name)) {
678 continue;
679 }
680
681 /* We found our match */
682 /* If this swap or a raw partition, report an error */
683 if (!strcmp(fstab->recs[i].fs_type, "swap") ||
684 !strcmp(fstab->recs[i].fs_type, "emmc") ||
685 !strcmp(fstab->recs[i].fs_type, "mtd")) {
686 ERROR("Cannot mount filesystem of type %s on %s\n",
687 fstab->recs[i].fs_type, n_blk_device);
688 goto out;
689 }
690
691 /* First check the filesystem if requested */
692 if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
693 wait_for_file(n_blk_device, WAIT_TIMEOUT);
694 }
695
696 if (fstab->recs[i].fs_mgr_flags & MF_CHECK) {
697 check_fs(n_blk_device, fstab->recs[i].fs_type,
698 fstab->recs[i].mount_point);
699 }
700
701 if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
702 int rc = fs_mgr_setup_verity(&fstab->recs[i]);
703 if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
704 INFO("Verity disabled");
705 } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
706 ERROR("Could not set up verified partition, skipping!\n");
707 continue;
708 }
709 }
710
711 /* Now mount it where requested */
712 if (tmp_mount_point) {
713 m = tmp_mount_point;
714 } else {
715 m = fstab->recs[i].mount_point;
716 }
717 if (__mount(n_blk_device, m, &fstab->recs[i])) {
718 if (!first_mount_errno) first_mount_errno = errno;
719 mount_errors++;
720 continue;
721 } else {
722 ret = 0;
723 goto out;
724 }
725 }
726 if (mount_errors) {
727 ERROR("Cannot mount filesystem on %s at %s. error: %s\n",
728 n_blk_device, m, strerror(first_mount_errno));
729 if (first_mount_errno == EBUSY) {
730 ret = FS_MGR_DOMNT_BUSY;
731 } else {
732 ret = FS_MGR_DOMNT_FAILED;
733 }
734 } else {
735 /* We didn't find a match, say so and return an error */
736 ERROR("Cannot find mount point %s in fstab\n", fstab->recs[i].mount_point);
737 }
738
739 out:
740 return ret;
741 }
742
743 /*
744 * mount a tmpfs filesystem at the given point.
745 * return 0 on success, non-zero on failure.
746 */
fs_mgr_do_tmpfs_mount(char * n_name)747 int fs_mgr_do_tmpfs_mount(char *n_name)
748 {
749 int ret;
750
751 ret = mount("tmpfs", n_name, "tmpfs",
752 MS_NOATIME | MS_NOSUID | MS_NODEV, CRYPTO_TMPFS_OPTIONS);
753 if (ret < 0) {
754 ERROR("Cannot mount tmpfs filesystem at %s\n", n_name);
755 return -1;
756 }
757
758 /* Success */
759 return 0;
760 }
761
fs_mgr_unmount_all(struct fstab * fstab)762 int fs_mgr_unmount_all(struct fstab *fstab)
763 {
764 int i = 0;
765 int ret = 0;
766
767 if (!fstab) {
768 return -1;
769 }
770
771 while (fstab->recs[i].blk_device) {
772 if (umount(fstab->recs[i].mount_point)) {
773 ERROR("Cannot unmount filesystem at %s\n", fstab->recs[i].mount_point);
774 ret = -1;
775 }
776 i++;
777 }
778
779 return ret;
780 }
781
782 /* This must be called after mount_all, because the mkswap command needs to be
783 * available.
784 */
fs_mgr_swapon_all(struct fstab * fstab)785 int fs_mgr_swapon_all(struct fstab *fstab)
786 {
787 int i = 0;
788 int flags = 0;
789 int err = 0;
790 int ret = 0;
791 int status;
792 char *mkswap_argv[2] = {
793 MKSWAP_BIN,
794 NULL
795 };
796
797 if (!fstab) {
798 return -1;
799 }
800
801 for (i = 0; i < fstab->num_entries; i++) {
802 /* Skip non-swap entries */
803 if (strcmp(fstab->recs[i].fs_type, "swap")) {
804 continue;
805 }
806
807 if (fstab->recs[i].zram_size > 0) {
808 /* A zram_size was specified, so we need to configure the
809 * device. There is no point in having multiple zram devices
810 * on a system (all the memory comes from the same pool) so
811 * we can assume the device number is 0.
812 */
813 FILE *zram_fp;
814
815 zram_fp = fopen(ZRAM_CONF_DEV, "r+");
816 if (zram_fp == NULL) {
817 ERROR("Unable to open zram conf device %s\n", ZRAM_CONF_DEV);
818 ret = -1;
819 continue;
820 }
821 fprintf(zram_fp, "%d\n", fstab->recs[i].zram_size);
822 fclose(zram_fp);
823 }
824
825 if (fstab->recs[i].fs_mgr_flags & MF_WAIT) {
826 wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
827 }
828
829 /* Initialize the swap area */
830 mkswap_argv[1] = fstab->recs[i].blk_device;
831 err = android_fork_execvp_ext(ARRAY_SIZE(mkswap_argv), mkswap_argv,
832 &status, true, LOG_KLOG, false, NULL,
833 NULL, 0);
834 if (err) {
835 ERROR("mkswap failed for %s\n", fstab->recs[i].blk_device);
836 ret = -1;
837 continue;
838 }
839
840 /* If -1, then no priority was specified in fstab, so don't set
841 * SWAP_FLAG_PREFER or encode the priority */
842 if (fstab->recs[i].swap_prio >= 0) {
843 flags = (fstab->recs[i].swap_prio << SWAP_FLAG_PRIO_SHIFT) &
844 SWAP_FLAG_PRIO_MASK;
845 flags |= SWAP_FLAG_PREFER;
846 } else {
847 flags = 0;
848 }
849 err = swapon(fstab->recs[i].blk_device, flags);
850 if (err) {
851 ERROR("swapon failed for %s\n", fstab->recs[i].blk_device);
852 ret = -1;
853 }
854 }
855
856 return ret;
857 }
858
859 /*
860 * key_loc must be at least PROPERTY_VALUE_MAX bytes long
861 *
862 * real_blk_device must be at least PROPERTY_VALUE_MAX bytes long
863 */
fs_mgr_get_crypt_info(struct fstab * fstab,char * key_loc,char * real_blk_device,int size)864 int fs_mgr_get_crypt_info(struct fstab *fstab, char *key_loc, char *real_blk_device, int size)
865 {
866 int i = 0;
867
868 if (!fstab) {
869 return -1;
870 }
871 /* Initialize return values to null strings */
872 if (key_loc) {
873 *key_loc = '\0';
874 }
875 if (real_blk_device) {
876 *real_blk_device = '\0';
877 }
878
879 /* Look for the encryptable partition to find the data */
880 for (i = 0; i < fstab->num_entries; i++) {
881 /* Don't deal with vold managed enryptable partitions here */
882 if (fstab->recs[i].fs_mgr_flags & MF_VOLDMANAGED) {
883 continue;
884 }
885 if (!(fstab->recs[i].fs_mgr_flags
886 & (MF_CRYPT | MF_FORCECRYPT | MF_FORCEFDEORFBE))) {
887 continue;
888 }
889
890 /* We found a match */
891 if (key_loc) {
892 strlcpy(key_loc, fstab->recs[i].key_loc, size);
893 }
894 if (real_blk_device) {
895 strlcpy(real_blk_device, fstab->recs[i].blk_device, size);
896 }
897 break;
898 }
899
900 return 0;
901 }
902