summaryrefslogtreecommitdiffstats
path: root/crypto/lollipop (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update FDE decrypt to pie from CAFEthan Yonker2019-03-204-1902/+0
| | | | | | | | cryptfs.cpp based on CAF tag LA.UM.7.3.r1-05900-sdm845.0 Used CAF because AOSP no longer contains code for qcom's hardware crypto. Change-Id: I921cbe9bed70989f91449e23b5ac3ec1037b7b97
* Merge AOSP android-9.0.0_r3Ethan Yonker2018-08-242-33/+5
| | | | | | Fix conflicts and make it build in 5.1, 6.0, 7.1, 8.1, and 9.0 Change-Id: Ida0a64c29ff27d339b7f42a18d820930964ac6e4
* cryptfs: Remove dm-crypt device on failed table loadnkk712017-05-231-0/+14
| | | | | | | | | | * The dm-crypt device needs to be removed from the device-mapper driver list otherwise it will remain busy and cannot be used later on by other processes (eg vold_decrypt) or for further testing/debugging in recovery. Change-Id: I35e43a79ecc3de234ddb9f87f7d75c6439ea7454
* cryptfs: Fix encryption issue due to stack corruption.nijel82017-02-191-2/+2
| | | | | | | | | | | Ioctl BLKGETSIZE expects pointer to unsigned long as argument. On 64bit target using pointer to unsigned int can cause stack corruption due to type mismatch. props to https://github.com/aopp/android_system_vold/commit/f8b8787317fc94439b63bc891eeda83f7ae2f4f6 Change-Id: I1d76c65e29479c8f0cd44b6892069b21b8249b95
* Try mounting different filesystems during decryptionJames Christopher Adduono2017-01-211-1/+16
| | | | | | Based on Dees_Troy's approach. Change-Id: Id9aafb6d0c64ab43e2711720a26e30ac86b90235
* recovery: allow usage of TARGET_CRYPTFS_HW_PATHmaxwen2016-08-101-2/+10
| | | | | | | only if not defined fallback to the default more flexible device config where the cryptfs_hw is located Change-Id: I7d1c18eeae877e48dceff06a7cfead28c89797b4
* crypto: remove redundant convert_key_to_hex_ascii callCaptain Throwback2016-05-171-2/+2
| | | | | | | | | | | - Breaks decryption on some hw_crypto devices - Default value already defined in preceding ifdef - PS2: Move crypt_params definition prior to ifdef (matches corresponding code from CAF) Huge thanks to @beaups for figuring out the issue! Change-Id: I1fd4e3a4862f022b17a555773feb1d6deac9d34c
* Fix decrypt of odd number length PIN on hardware cryptoEthan Yonker2016-04-281-2/+2
| | | | | | | | | | | I am not sure if we are really fixing anything other than we are allowing the decrypt process to continue. On hardware crypto the password never seems to match what is expected from the data in the footer, probably because the data is not stored in the footer and TZ does all the work. Still, if it works, it is hard to fault the patch. Change-Id: Ibbb286382e82523bec2064f51fa07194f84820c2
* Restore some old decrypt functionalityEthan Yonker2016-02-171-5/+66
| | | | | | | | Some of the convoluted convert_hex_ascii_to_key code is needed to properly decrypt CM 12.1 patterns where grid size is larger than 3x3. Change-Id: I497e17980046c60d2c69ba56e4b83c8b64b0b80e
* cryptfs: major overhaul and cleanupSultan Qasim Khan2016-02-161-575/+32
| | | | | | | | | - Don't upgrade HW encrypted Lollipop devices to Marshmallow crypto - Fix support for passwords and patterns with an odd number of elements - Remove unused code - Fix build warnings Change-Id: I25f015085e5c859d0353f42f6a2fbc7ccecd48ed
* Adopted Storage supportEthan Yonker2016-01-252-1/+47
| | | | | | | | | | | | | | | | | | | | | -Detects, decrypts, and mounts an adopted SD card if a secondary block device is defined (usually mmcblk1) -Handles unified storage -Displays the adopted storage in MTP along with internal -Factory Reset - wiped just like a data media device, we retain the keys folder and the storage.xml during a factory reset -Backup / Restore -Disable mass storage when adopted storage is present -Read storage nickname from storage.xml and apply it to display names in the GUI -Read storage.xml and determine what storage location is in use for /sdcard and remap accordingly libgpt_twrp is source code mostly kanged from an efimanager project. It is GPL v2 or higher, so we will opt for GPL v3. Change-Id: Ieda0030bec5155ba8d2b9167dc0016cebbf39d55
* Update qcom hardware crypto codeEthan Yonker2016-01-192-51/+206
| | | | Change-Id: I4608c45b3f71b53e0988ca0248d3438110a40149
* Fix CLANG error in cryptfs.cEthan Yonker2015-12-221-1/+1
| | | | Change-Id: If5af8f634bc016160aebaf7d4e6cda6c5650a077
* Merge up to AOSP marshmallow-releaseEthan Yonker2015-10-093-38/+366
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to maintain compatibility with older trees, we now have minadbd.old and minui.old. I had to use a TARGET_GLOBAL_CFLAG to handle ifdef issues in minui/minui.d because healthd includes minui/minui.h and there was no other alternative to make minui.h compatible with older trees without having to modify healthd rules which is outside of TWRP. Note that the new minui does not currently have support for qcom overlay graphics. Support for this graphics mode will likely be added in a later patch set. If you are building in a 6.0 tree and have a device that needs qcom overlay graphics, be warned, as off mode charging may not work properly. A dead battery in this case could potentially brick your device if it is unable to charge as healthd handles charging duties. Update rules for building toolbox and add rules for making toybox Use permissive.sh in init.rc which will follow symlinks so we do not have to worry about what binary is supplying the setenforce functionality (toolbox, toybox, or busybox). Fix a few warnings in the main recovery binary source code. Fix a few includes that were missing that prevented compiling in 6.0 Change-Id: Ia67aa2107d260883da5e365475a19bea538e8b97
* Support Qualcomm hardware decryptDees Troy2015-05-153-14/+177
| | | | Change-Id: I121ef0f5da209be48f6d87559d539c7fc6d85336
* crypto: remove unused libs and clean up makefilethat2015-01-051-41/+2
| | | | | | libsoftkeymaster and its dependencies appear to be unused. Change-Id: Ib720f5e4d2750a739ba6b65b346c0e167df279d3
* Allow non datamedia devices to wipe encryptionEthan Yonker2014-12-212-1/+2
| | | | | | | | | | | | | With 5.0 L, we decrypt automatically if the default_password is used. Non datamedia devices do not get the format data button so they cannot wipe encryption off the device. This patch add a wipe encryption button where the format data button would normally be located on the Wipe page. This patch also attempts to remove / delete the dm-crypt block device before formatting. Change-Id: I100d5d154d6c49254fd48e23279df973db5f23ae
* Fix include paths in cryptoEthan Yonker2014-12-181-1/+1
| | | | Change-Id: Ia9fd0cd75bd6ee6e14909890cb18a8edb3b22267
* Fixes for compiling crypto in older treesDees Troy2014-12-121-17/+1
| | | | | | | | | | | | | Some of these fixes needed to be made anyway. Note that older trees will still need to have files / repos copied into them from newer trees. Namely we need: system/security/softkeymaster hardware/libhardware/include/hardware/keymaster.h Maybe others as I did not document very carefully what I was pulling in. Change-Id: I465fd1fbe228803ec02fba047b151f07ea13d5ca
* crypto: fix build in < 5.0 treethat2014-12-102-1/+3
| | | | Change-Id: Ie4ed3e91cfb7e509bac1d6db885bd3f415d2b168
* Reduce libs needed for decrypt and clean up old decypt filesEthan Yonker2014-12-043-2213/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | Trim cryptfs.c to remove functions that TWRP does not use for decrypt and remove the need for libfs_mgr from cryptfs.c by passing some items to cryptfs.c from the partition manager. Add support for new fstab flags: encryptable and forceencrypt=/path/to/cryptokey For example: flags=forceencrypt=/dev/block/platform/sdhci-tegra.3/by-name/MD1 Note that "footer" is the default, so you do not need to set this flag on devices that use the footer for the crypto key. Also add mounttodecrypt if you need to mount a partition during the decrypt cycle for firmware of proprietary libs. Clean up decrypt and only support one version Android 5.0 lollipop decrypt should be backwards compatible with older versions so we will only support one version, 1.3 that came with 5.0 lollipop. Remove support for Samsung TouchWiz decrypt. It does not work with the latest versions of Samsung encryption anyway and it has not been updated to work with any AOSP decryption higher than 1.1 Change-Id: I2d9c6e31df50268c91ee642c2fa090f901d9d5c9
* Tweak 5.0 L decryptEthan Yonker2014-11-181-7/+7
| | | | | | | | | Mount the vendor partition if it exists so we can use any proprietary files we may need. Relocate auto decrypt when default_password is in use to after all partitions are added so that we can mount the vendor partition. Change-Id: I93455a35695779f53ef57a82d3d45c7216c13639
* Make libmincrypttwrp a shared libraryEthan Yonker2014-11-171-2/+2
| | | | Change-Id: I8c3f084fc34b00edb4cd1b652290df8bc80ea1db
* Add lollipop decrypt supportEthan Yonker2014-11-123-0/+3903
Kang in cryptfs.c and cryptfs.h from vold. Use TW_INCLUDE_L_CRYPTO := true to enable. Ramdisk must contain the normal fstab file in the root in the usual format of: fstab.{ro.hardware} For examble for Nexus 5: fstab.hammerhead Or on many Qualcomm devices: fstab.qcom Tested against Android 5.0 lollipop on Nexus 7 2012 grouper. Not sure if or how this will work when we are dealing with a device with a hardware keystore. Long term we need to add a GUI element to allow entering a pattern. For now you can decrypt a pattern unlock by converting the dots to numbers in the following format: 123 456 789 So an upper-case L would translate to 14789 as a password entered on the keyboard. Change-Id: I02c29e1f1c2eb29bf002c9fe0fc118357300b5b3